regreSSHion OpenSSH Flaw: Potential Exploitation Attempts Seen, but Mass Attacks Unlikely

July 3, 2024 at 06:24AM

Qualys discovered a critical OpenSSH vulnerability, CVE-2024-6387, known as regreSSHion, that allows unauthenticated attackers to execute remote code. More than 14 million OpenSSH instances are potentially vulnerable. Exploitation is challenging and not yet confirmed in the wild. While attempts have been made, Palo Alto Networks was unable to achieve remote …

The Fall of the National Vulnerability Database

May 16, 2024 at 10:10AM

The National Vulnerability Database (NVD) initially created by NIST to centralize cybersecurity vulnerability intelligence is now struggling due to various factors. Increased accessibility led to a surge in low-quality reports, with inexperienced researchers seeking recognition and monetary incentives. As a result, the NVD has not updated vulnerabilities since February, highlighting …

Tech Companies Promise Secure by Design Products

May 9, 2024 at 10:37AM

Over 60 vendors have pledged to develop secure products as part of the “Secure by Design” initiative led by CISA. The focus is on addressing security as a core business requirement, with the onus on manufacturers rather than individual users. Signatories are asked to consider and demonstrate progress towards seven …

Building the Right Vendor Ecosystem – a Guide to Making the Most of RSA Conference

May 2, 2024 at 11:27AM

The RSA Conference is happening in San Francisco, offering insights and solutions for cybersecurity challenges. SOC teams face issues with fragmented tools, leading to alert fatigue and burnout. The choice between platform and best-of-breed solutions involves integration, vendor lock-in, and regulatory considerations. Consider assessing security needs, evaluating products, and understanding …

‘Brain Weasels’: Impostor Syndrome in Cybersecurity

March 22, 2024 at 11:36AM

The text discusses the prevalence of impostor syndrome in the cybersecurity industry. The author shares personal experiences and insights from experts, highlighting the industry’s technical nature and gatekeeping tendencies. The importance of community support and strategies for managing impostor syndrome are emphasized. The overall message encourages normalization of impostor syndrome …

Cyber Madness Bracket Challenge – Register to Play

March 14, 2024 at 07:57AM

SecurityWeek will host a contest called “Cyber Madness” bracket challenge, allowing the cybersecurity community to compete in a fun and competitive manner during the 2024 NCAA Men’s Basketball Tournament. Participants have a chance to win prizes, earn bragging rights, and enjoy the event. The meeting notes outline the plan for …

MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure

December 13, 2023 at 10:48AM

MITRE, in collaboration with the cybersecurity community and the industrial sector, has developed EMB3D, a threat model tailored for embedded devices in critical infrastructure. With a focus on mitigating threats, EMB3D provides a knowledge base and mappings to device properties while offering technical mitigations. It aims to enhance device security …

Microsoft: Mystery Group Targeting Telcos Linked to Chinese APTs

December 11, 2023 at 11:08AM

Researchers have linked the Sandman threat group, known for cyberattacks on telecom providers, to a growing network of Chinese government-backed advanced persistent threat (APT) groups. This assessment by Microsoft, SentinelLabs, and PwC reveals shared practices and overlaps in malware development, emphasizing the need for collaboration within the cybersecurity community. From …

Scattered Spider Casino Hackers Evade Arrest in Plain Sight

November 17, 2023 at 03:56PM

The cybercrime group known as Scattered Spider has been able to successfully attack US organizations without being disrupted or arrested, despite federal law enforcement being aware of their identities for over six months. The FBI and CISA have released an advisory to help organizations defend against Scattered Spider, but it …

Signal says there is no evidence rumored zero-day bug is real

October 16, 2023 at 02:06AM

Signal messenger has investigated rumors of a zero-day security vulnerability related to its link preview feature but found no evidence of its existence. US government sources also confirmed that there is no information suggesting the vulnerability is valid. Signal advises users to disable the link previews feature as a precaution …