Recent Security News
-
Are SOC 2 Reports Sufficient for Vendor Risk Management?
July 5, 2024 at 10:21AM Businesses heavily rely on third-party vendors for various services, but this dependence introduces security vulnerabilities. Cybercriminals exploit weaknesses in vendors to target organizations, making robust vendor risk management crucial. While SOC 2 reports are useful, they have limitations. Organizations should supplement them with security questionnaires, testing, contractual agreements, and ongoing…
-
Webinar Alert: Learn How ITDR Solutions Stop Sophisticated Identity Attacks
July 5, 2024 at 09:07AM A webinar on Identity Threat Detection and Response (ITDR) will provide insider knowledge on modern cybersecurity threats and protection. Led by Silverfort’s VP of Product Marketing, Yiftach Keshet, the session will cover hidden security vulnerabilities, top features of ITDR solutions, real-world scenarios, and future identity security trends. Register now before…
-
OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers
July 5, 2024 at 09:07AM OVHcloud recently thwarted a record-breaking DDoS attack, reaching a packet rate of 840 million packets per second. The attack utilized a TCP ACK flood from 5,000 source IPs and a DNS reflection attack from 15,000 DNS servers. Such attacks, including those leveraging compromised MikroTik routers, are becoming more frequent and…
-
Euro 2024 Becomes Latest Sporting Event to Attract Cyberattacks
July 5, 2024 at 09:07AM Cybercriminal activity has increased around the Euro 2024 football tournament, with over 15,000 UEFA credentials exposed on underground forums. Threat intelligence firm Cyberint warns of potential risks for fans and their employers due to stolen corporate credentials. The tournament has already been targeted by DDoS attacks and is expected to…
-
Latest Ghostscript vulnerability haunts experts as the next big breach enabler
July 5, 2024 at 08:41AM Infosec experts are discussing a vulnerability in Ghostscript, which may lead to significant breaches. The format string bug, designated as CVE-2024-29510, allows remote code execution (RCE) on systems running Ghostscript. It poses a serious threat to web applications and services utilizing Ghostscript for document conversion and preview functionality. The severity…