Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10. “A directory traversal within the ‘ftpservlet’ of the FileCatalyst […]
Cyber News
Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. “It uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website,” Netskope Threat […]
Cyber News
Fascinating analysis of the use of drones on a modern battlefield—that is, Ukraine—and the inability of the US Air Force to react to this change. The F-35A certainly remains an important platform for high-intensity conventional warfare. But the Air Force is planning to buy 1,763 of the aircraft, which will remain in service through the […]
Cyber News
WordPress users of miniOrange’s Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the discovery of a critical security flaw. The flaw, tracked as CVE-2024-2172, is rated 9.8 out of a maximum of 10 on the CVSS scoring system and discovered by Stiofan. It impacts the following […]
Cyber News
The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. “The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated documents […]
Cyber NewsUnlocking Success: Compliance Strategies for Robo-Advisor Platforms The world of finance is undergoing a significant transformation, driven by advancements in technology and changing consumer preferences. One of the most prominent developments in this space is the rise of robo-advisors. These automated investment platforms are reshaping the way individuals manage their finances, offering convenience, accessibility, and […]
FINRA ComplianceUnlocking Hidden Value in Application Due Diligence In the world of mergers and acquisitions (M&A), due diligence is a critical step that can make or break a deal. Traditionally, due diligence has focused on financials, legal compliance, and operational efficiency. However, in today’s rapidly evolving digital landscape, there’s a hidden treasure trove of value waiting […]
Value-Enhancing Application Due DiligenceThe Role of vCISO in a Globalized, Interconnected Economy In an era where businesses transcend geographical boundaries, data flows ceaselessly, and cyber threats loom larger than ever, the role of a virtual Chief Information Security Officer (vCISO) has become increasingly vital in safeguarding organizations in our globalized, interconnected economy. With the rapid proliferation of technology […]
Virtual Chief Information Security Officer (vCISO)The Evolution of Application Consulting in an AR/VR World The worlds of augmented reality (AR) and virtual reality (VR) were once realms reserved for the fantasies of science fiction enthusiasts. Now, they are a part of our everyday life, driving change in industries from gaming to healthcare, education, and even real estate. Amidst these transformative […]
AI Integration for Applications