Recent Security News
-
US Government Releases Security Guidance for Open Source Software in OT, ICS
October 11, 2023 at 10:07AM Several US government agencies, including CISA, the FBI, the NSA, and the US Department of Treasury, have released new cybersecurity guidance for using open source software (OSS) in operational technology (OT). The guidance aims to promote understanding and best practices for implementing OSS in industrial control systems and other OT…
-
Simpson Manufacturing shuts down IT systems after cyberattack
October 11, 2023 at 09:59AM Simpson Manufacturing, a leading American building and structural materials producer, disclosed a cybersecurity incident via an SEC filing. The company detected IT problems and application outages caused by a cyberattack, leading them to take impacted systems offline. The disruption in business operations is expected to continue as remediation efforts are…
-
LinkedIn Smart Links attacks return to target Microsoft accounts
October 11, 2023 at 09:59AM Hackers are exploiting LinkedIn Smart Links in phishing attacks to steal Microsoft account credentials. The Smart Links, used for marketing and tracking, appear to come from a trustworthy source and bypass email protections. The recent attacks targeted a range of sectors, including finance, manufacturing, energy, construction, and healthcare. The phishing…
-
From chaos to cadence: Celebrating two decades of Microsoft’s Patch Tuesday
October 11, 2023 at 09:09AM Microsoft introduced Patch Tuesday in October 2003, a monthly release of software fixes on the second Tuesday of each month. The change brought predictability and stability for IT administrators, who previously faced chaotic patching processes. The number of patches has increased significantly over the years, and other vendors have joined…
-
Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023
October 11, 2023 at 08:54AM Over 17,000 WordPress websites were hacked in September 2023, double the number from the previous month. Around 9,000 of these websites were infiltrated using a security flaw in the tagDiv Composer plugin, allowing for cross-site scripting attacks. The Balada Injector malware is responsible for these attacks, which aim to redirect…