Backup and data management vendor Cohesity has started to preview a new ransomware protection SaaS product called Datahawk, which leverages AI and a host of other capabilities to help companies defend their data against bad actors. There are three core components to Datahawk, according to Cohesity. The first is a ransomware detection engine that uses […]
Cyber News, Cyber Threat Trends
Identity and access management (IAM) vendor ForgeRock said Tuesday that it’s set to start rolling out its new Identity Governance offering—a cloud-based security and governance product designed to provide one-stop shopping for organizations looking to solve access management issues. There are three main components to ForgeRock’s newest IAM product, according to the company. The first, […]
Cyber News, Cyber Threat Trends
Credit: Marina Minkin A novel attack method has been disclosed against a crucial piece of technology called time-triggered ethernet (TTE) that’s used in safety-critical infrastructure, potentially causing the failure of systems powering spacecraft and aircraft. Dubbed PCspooF by a group of academics and researchers from the University of Michigan, the University of Pennsylvania, and the NASA
Cyber News, Cyber Threat Trends
Cybersecurity researchers have disclosed details of now-patched flaws in Zendesk Explore that could have been exploited by an attacker to gain unauthorized access to information from customer accounts that have the feature turned on. “Before it was patched, the flaw would have allowed threat actors to access conversations, email addresses, tickets, comments, and other information […]
Cyber News, Cyber Threat TrendsAccording to Symantec, the targeting of a certificate authority was notable
Cyber News, Cyber Threat Trends
Researchers at cloud coding security company Oxeye have written up a critical bug that they recently discovered in the popular cloud development toolkit Backstage. Their report includes an explanation of how the bug works, plus proof-of-concept (PoC) code showing how to exploit it. Backstage is what’s known as a cloud developer portal – a sort […]
Cyber News, Cyber Threat TrendsHealthcare organisations in the United States are being warned to be on their guard once again, this time against a family of ransomware known as Venus. Read more in my article on the Tripwire State of Security blog.
Cyber News, Cyber Threat Trends
Spotify’s Backstage has been discovered as vulnerable to a severe security flaw that could be exploited to gain remote code execution by leveraging a recently disclosed bug in a third-party module. The vulnerability (CVSS score: 9.8), at its core, takes advantage of a critical sandbox escape in vm2, a popular JavaScript sandbox library (CVE-2022-36067 aka Sandbreak), […]
Cyber News, Cyber Threat TrendsDTrack has not changed substantially, but Lazarus made some “interesting” modifications
Cyber News, Cyber Threat Trends