Recent Security News

  • Microsoft: State hackers exploiting Confluence zero-day since September

    October 11, 2023 at 10:35AM A Chinese-backed threat group, known as Storm-0062 or DarkShadow, has been exploiting a zero-day vulnerability in Atlassian Confluence Data Center and Server since September 2023. Microsoft has shared more information about the group’s involvement and identified four offending IP addresses. The vulnerability allows the group to create arbitrary administrator accounts.…

    Read More

  • Generative AI Security: Preventing Microsoft Copilot Data Exposure

    October 11, 2023 at 10:35AM Microsoft Copilot is an AI assistant integrated into Microsoft 365 apps that aims to improve productivity by searching and compiling data across documents, presentations, emails, and more. However, this access to sensitive data raises security concerns for information security teams. Varonis offers a Data Security Platform that can help address…

    Read More

  • Reassessing the Impacts of Risk Management With NIST Framework 2.0

    October 11, 2023 at 10:08AM Global cyberattacks have risen by 38% in 2022, as reported by Check Point. The cost of a data breach is also increasing, averaging $9.44 million in the US and $4.25 million globally in 2022. To combat this, the National Institute of Standards and Technology (NIST) has updated its Cybersecurity Framework…

    Read More

  • Payment Card Data Stolen in Air Europa Hack

    October 11, 2023 at 10:07AM Spanish airline Air Europa is urging customers to cancel their payment cards due to a recent hack. The company detected unauthorized access to a system storing payment card data, potentially compromising partial card numbers, expiration dates, and CVV codes. Impacted customers are advised to contact their bank and watch out…

    Read More

  • Citrix Patches Critical NetScaler ADC, Gateway Vulnerability

    October 11, 2023 at 10:07AM Citrix has released patches for a critical vulnerability in NetScaler Application Delivery Controller (ADC) and NetScaler Gateway. The vulnerability, CVE-2023-4966, could lead to sensitive information disclosure and can be exploited without authentication. Citrix advises customers to upgrade their appliances to the supported versions. The company has also addressed a denial-of-service…

    Read More