Infosecurity News
ISACA: Two-Thirds of Cybersecurity Teams Are Understaffed
ISACA's State of Cybersecurity 2022 report revealed ongoing struggles to hire and retain skilled cybersecurity professionals
Infosecurity News
Security Concerns Scupper Deals for Two-Thirds of Firms
Global report ties poor security to bottom-line impact
Infosecurity News
Two-Thirds of European Firms Have Started Zero Trust
Forrester claims public sector is leading the way
Infosecurity News
Two-Thirds of Global Banks Witness Surge in Destructive Attacks
VMware report finds Russia is seen biggest threat
Infosecurity News
Two-Thirds of Security Pros Have Burnt Out in Past Year
Excessive workload is the most common contributing factor
CyberSecurity Dive
Rackspace says more than two-thirds of customers regained email access
The cloud company continued efforts to transition customers to Microsoft 365 following a Dec. 2 ransomware attack.
Infosecurity News
Two-Thirds of IT Leaders Say GDPR Has Reduced Consumer Trust
Increased awareness of data privacy issues has reduced trust in organizations, according to the survey
Infosecurity News
Two-Thirds of UK Sites Vulnerable to Bad Bots
Those selling goods and classified ads are particularly exposed
Infosecurity News
Over Two-Thirds of FortiGate Firewalls Still at Risk
Bishop Fox said they have successfully developed an exploit for the vulnerability
Infosecurity News
War in Ukraine Has Pushed Two-Thirds of Businesses to Change Cyber Strategy
The use of machine identity tools is growing in state-sponsored cyber-attacks
Infosecurity News
Two-Thirds of Organizations Failing to Address AI Risks, ISACA Finds
An ISACA survey found that just a third of organizations are adequately addressing security, privacy and ethical risks with AI
CyberNews
Audio codec flaw left two-thirds of Android smartphones vulnerable to spying | CyberNews
Major chipset makers ported vulnerable code into their audio decoders.
ZDNet
Android security: Flaw in an audio codec left two-thirds of smartphones at risk of snooping, say researchers | ZDNet
Millions of Android phones were exposed to an easily exploitable flaw in an audio codec used in chips from MediaTek and Qualcomm.
SecurityWeek
GitHub Rolls Out 'Code Scanning Autofix' in Public Beta
GitHub’s code scanning autofix delivers remediation suggestions for two-thirds of the identified vulnerabilities.
CyberSecurity Dive
SaaS sprawl amps up security challenges amid heightened risk
Two-thirds of businesses say they're spending more on SaaS applications year over year, Axonius data shows.
CyberNews
Russia leads in content removal requests to Google
Russia accounts for two thirds of 355,000 content removal requests Google received from various governments over the last decade.
The Cyber Express
Cybersecurity Experts Admit Lack of Knowledge Prompted Mistakes at Work: Report
With human error responsible for almost two-thirds of cyber incidents in the last two years, over 50% of current cybersecurity
Infosecurity News
Lack of Understanding, Underfunding Threaten Data Privacy & Compliance
According to ISACA, two-thirds of professionals don’t fully understand the privacy regulations their organization needs to comply with
Infosecurity News
Ransomware Attacks and Payments Soar in 2021
Around two-thirds (66%) of organizations were hit by a ransomware attack in 2021, surging from 37% in 2020
CyberNews
Big Tech dominates digital ad market despite antitrust measures
Amazon, Apple, Meta, Microsoft, and Alphabet-owned Google will attract almost two-thirds of US digital ad dollars in 2024.
DataBreaches
Recovering from ransomware: One organization’s inside story
Yann Serra reports: On Sunday 21 February 2021, Manutan, a large office equipment distributor, discovered that two-thirds of its 1,200 servers had succumbed...
CyberNews
Paris 2024 partners lax about email fraud – experts
Two-thirds of the official Paris Olympic Games partners do not have sufficient measures to protect the public from email fraud, cybersecurity experts have warned.
DarkReading
With Plunge in Value, Cryptocurrency Crimes Decline in 2022
Cybercrime has been funded with cryptocurrency, but the valuation of various digital currencies has dropped by more than two-thirds and cybercriminals are feeling the pinch.
Infosecurity News
Businesses Increase Cybersecurity as Budgets Surge in 2024
Over two-thirds of IT decision-makers increase cybersecurity budgets in 2024, prioritizing cloud security and incident response as cyber threats escalate
CyberNews
Online daters are turning to AI for romance advice
Two-thirds (64%) of online daters are seeking help from AI when seeking a partner, while more daters are succumbing to romance scams.
Infosecurity News
Veeam Patches Two Critical Bugs in Veeam ONE
Two flaws have near-maximum CVSS scores
CyberNews
Bad news for movie theaters: most Americans prefer new releases on streamers
Two-thirds of US adults would rather wait for new movies to be released on streaming than watch them on the big screen.
DarkReading
Microsoft Patches Two Zero-Day Vulnerabilities
The 49 CVE's in Microsoft's May security update is the lowest volume in nearly two years.
Security Affairs
Fortinet addressed two critical FortiSIEM vulnerabilities
Fortinet warns of two critical OS command injection vulnerabilities in FortiSIEM that could allow remote attackers to execute arbitrary code
SecurityWeek
Two Jira Plugin Vulnerabilities in Attacker Crosshairs
Attackers are exploiting two path traversal vulnerabilities in the Stagil navigation for Jira – Menus & Themes plugin.
Infosecurity News
Ivanti Releases Zero-Day Patches and Reveals Two New Bugs
Ivanti has finally released updates to fix two zero-day bugs and two new high-severity vulnerabilities
SecurityWeek
Two Men Arrested Following Poland Railway Hacking
Polish police have arrested two men suspected of illegally hacking into the national railway's communications network
Security Affairs
Google fixed two actively exploited Pixel vulnerabilities
Google addressed several vulnerabilities in Android and Pixel devices, including two actively exploited flaws.
SecurityWeek
US Sanctions Two ISIS-Affiliated 'Cybersecurity Experts'
US Treasury Department announces sanctions against two Egyptian nationals accused of running an ISIS cyber platform.
Security Affairs
Two zero-day bugs in Ivanti Connect Secure actively exploited
Ivanti revealed that two threat actors are exploiting two zero-day vulnerabilities in its Connect Secure (ICS) and Policy Secure.
ZDNet
Two-factor authentication is a great idea. But not enough people are using it | ZDNet
Two-factor authentication can be a major barrier against accounts being hacked, so why aren't you using it?
Bleeping Computer
Dozens of COVID passport apps put user's privacy at risk
Roughly two-thirds of test digital vaccination applications commonly used today as safe passes and travel passports exhibit behavior that may put users' privacy at risk.
CyberSecurity Dive
C-suite leaders to boost cybersecurity compliance amid SEC disclosure rule: Deloitte
Almost two-thirds of corporate executives plan to strengthen their respective programs, and push third-party vendors to take similar measures as new incident reporting rules begin.
Infosecurity News
Microsoft Patches 150 Flaws Including Two Zero-Days
April’s Patch Tuesday saw fixes for 150 CVEs, including two being actively exploited in the wild
Infosecurity News
Special Police Constable Gets Two Years for Child Abuse Offenses
Trainee solicitor handed two-year suspended sentence
DataBreaches
Two States Enact Insurance Data Security Laws
Hunton Andrews Kurth writes: In April 2022, two states enacted insurance data security legislation based on the National Association of Insurance Commissioners...
DataBreaches
A Tale of Two Breach Notification Rules
Matt Fisher writes: The early days of February 2023 saw two very different settlements announced related to healthcare data breaches. One arguably follows a...
Infosecurity News
Microsoft Fixes Two Zero-Days in February Patch Tuesday
Two zero-day bugs actively exploited in the wild now have official Microsoft patches
SecurityWeek
Lighting Giant Acuity Brands Discloses Two Data Breaches
Acuity Brands has disclosed two data breaches, including one that may have involved a Conti ransomware attack.
The Record
Netgear releases patches for two high-severity vulnerabilities
The network hardware giant discovered two vulnerabilities affecting one of its router models and its network management software.
CyberNews
Two arrested for attacking nuclear warning system | Cybernews
Law enforcement authorities in Spain arrested two former employees for conducting a cyberattack against the country’s radioactivity alert network.
Infosecurity News
Two-Fifths of Log4j Apps Use Vulnerable Versions
Two years after a critical vulnerability was found in utility Log4j, 38% of apps still use buggy versions
The Record
OpenSSL releases fixes for two ‘high’ severity vulnerabilities
OpenSSL released patches for two vulnerabilities that caused widespread concern among cybersecurity experts and researchers over the last week.
SecurityWeek
BIND Updates Patch Two High-Severity DoS Vulnerabilities
The latest BIND security updates include patches for two high-severity DoS vulnerabilities that can be exploited remotely.
DataBreaches
France frees the two biggest Spanish hackers
The following is from a machine translation of an article by Luis F. Duran that appeared at El Mundo on October 18: Last Thursday, French Justice released two...
CSO
OpenSSL project patches two vulnerabilities but downgrades severity
The two vulnerabilities in OpenSSL 3.0 are now rated as high rather than critical severity after further testing.
SecurityWeek
Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks
At least two new Adobe ColdFusion vulnerabilities have been exploited in the wild, including one that has not been completely patched
SecurityWeek
Microsoft Confirms Exploitation of Two Exchange Server Zero-Days
Microsoft has confirmed that it’s aware of two Exchange Server zero-day vulnerabilities being exploited in targeted attacks.
Infosecurity News
Ivanti Patches Two Critical Avalanche Flaws in Major Update
Ivanti has fixed two critical vulnerabilities in its Avalanche MDM product which could lead to remote code execution
The Record
Two new vulnerabilities found in popular baseboard software
Two new vulnerabilities have been found in a popular brand of baseboard software used in millions of devices worldwide.
Latest Hacking News
Microsoft Patch Tuesday For December 2022 Fixes Two Zero-Days
This week, Microsoft rolled out its monthly scheduled updates for Windows systems. The December Patch Tuesday was the last Microsoft update for 2022, fixing two zero-day vulnerabilities and 50 other flaws. Microsoft Addressed Two Zero-Day Vulnerabilities Regarding
The Record
Okta says two customers breached during January security incident
Okta ended its partnership with Sitel and said only two of its customers were breached during a January incident.
SecurityWeek
Android's October 2023 Security Updates Patch Two Exploited Vulnerabilities
The October 2023 security update for Android patches two vulnerabilities exploited in attacks, both likely linked to spyware vendors.
Security Affairs
Ivanti fixed two critical flaws in its Avalanche MDM
Ivanti addressed two critical flaws in its Avalanche mobile device management (MDM) solution, that can lead to remote command execution.
Bleeping Computer
Save 55 percent on this NordVPN two-year subscription
You can get this NordVPN two-year subscription on sale for just $89 (reg. $198) for a limited time only.
Security Affairs
Apple addressed two actively exploited zero-day flaws
Apple released emergency security updates to address two actively exploited zero-day vulnerabilities impacting iPhones, Macs, and iPads. Apple has released emergency security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-28205 and CVE-2023-28206, impacting iPhones, Macs, and iPads. Impacted devices include: Both vulnerabilities were reported by Clément Lecigne of Google’s Threat Analysis Group […]
Security Affairs
New InfectedSlurs Mirai-based botnet exploits two zero-days
Mirai-based botnet InfectedSlurs has been spotted exploiting two zero-day RCE flaws to compromise routers and video recorder (NVR) devices.
SecurityWeek
Sony Confirms Data Stolen in Two Recent Hacker Attacks
Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups.
Bleeping Computer
Google shut down caching servers at two Russian ISPs
Two Russian internet service providers (ISPs) have received notices from Google that the global caching servers on their network have been disabled.
SecurityWeek
CISA Says Two Old JasperReports Vulnerabilities Exploited in Attacks
CISA has added two old JasperReports flaws, CVE-2018-5430 and CVE-2018-18809, to its list of known exploited vulnerabilities.
ZDNet
iPhone iOS 16.1.1 fixes two security vulnerabilities - time to update
Two security flaws could allow attackers to remotely crash apps or run commands on iPhones and iPads.
SecurityWeek
Microsoft Patches Two Zero-Days Exploited for Malware Delivery
Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware.
SecurityWeek
Cosmetics Giant Estée Lauder Targeted by Two Ransomware Groups
Estée Lauder has confirmed suffering a data breach just as two ransomware groups claimed to have targeted the company
The Hacker News
Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days
Microsoft has patched 61 new security flaws, including two zero-days actively exploited in the wild.
Security Affairs
CISA adds two Zabbix flaws to its Known Exploited Vulnerabilities Catalog
US CISA added two flaws impacting Zabbix infrastructure monitoring tool to its Known Exploited Vulnerabilities Catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added two new vulnerabilities impacting the Zabbix infrastructure monitoring tool to its Known Exploited Vulnerabilities Catalog. Threat actors are actively exploiting the two vulnerabilities that are reported in the following table: CVE ID Vulnerability Name Due […]
DataBreaches
Two Texas school districts report breaches, but what happened?
Two Texas school districts — Weatherford Independent School District and Tuloso Midway ISD — reported breaches to the Texas Attorney...
Cyber Security News
Two-Year Long DangerousSavanna Campaign Attack Financial & Banking Institutions
Over the past two years, a persistent malicious campaign dubbed "DangerousSavanna" has targeted major financial institutions and insurance companies.
SecurityWeek
US, UK Announce Charges and Sanctions Against Two Russian Hackers
The US and UK announce charges and sanctions against two hackers working with Russia’s FSB security service.
Security Affairs
Experts disclosed two flaws in JetBrains TeamCity On-Premises SW
Two new security flaws in JetBrains TeamCity On-Premises software can allow attackers to take over affected systems.
SecurityWeek
Meta Disrupted Two Cyberespionage Operations in South Asia
Facebook’s parent company says it has taken action against two cross-platform cyberespionage networks operating out of South Asia.
CyberNews
Ukraine’s top two cybersecurity officials axed amid embezzlement probe
Two heads of Ukraine’s national cybersecurity agency were fired Monday amid accusations of participating in an embezzlement scheme involving millions in state funds.
DataBreaches
Double whammy? Estee Lauder Breached by Two Ransomware Groups?
Phil Muncaster reports: Estee Lauder has become the latest big name to suffer an apparently serious ransomware breach, after two groups claimed to have...
PCMag
US Charges Two Russian Nationals for Lockbit Ransomware Attacks
Law enforcement agencies are dismantling Lockbit's ransomware operations and have issued five indictments, three arrest warrants, and made two arrests so far.
CyberNews
Two million affected as learning app suffers data leak
A misconfigured database on the LectureNotes Learning App, a platform for sharing class notes, has exposed more than two million user records.
SecurityWeek
Two Men Arrested for JFK Airport Taxi Hacking Scheme
Two men have been arrested for their role in a taxi dispatch system hacking scheme that was aided by Russian hackers.
The Record
Russian security service detains two hackers allegedly working for Ukraine
Russia's security service detained two hackers suspected of carrying out cyberattacks on Russian networks on behalf of Ukraine.
DataBreaches
Ransomware attack continues to disrupt two Connecticut hospital systems
CT Post reports: A ransomware attack continued to disrupt some services Friday at two Connecticut health care systems owned by Prospect Medical Holdings...
ZDNet
Ransomware: These two gangs are behind half of all attacks | ZDNet
Two ransomware groups have been very busy - but there are other threats out there, too.
Cyber Security News
Google Will Disable Inactive Accounts Older Than Two Years
Google amended its "inactive account policy" on Tuesday and will now remove accounts that haven't been used or registered for at least two years.
SecurityWeek
Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads
Researchers discovered two vulnerabilities in the Ubuntu OverlayFS module: CVE-2023-2640 and CVE-2023-32629 (dubbed ‘GameOver(lay)’).
The Record
Two suspects arrested following Poland railway hack
Polish police have arrested two men suspected of hacking the national railway’s communications network. The attack halted 20 trains across the country and paralyzed traffic for hours over the weekend, according to Poland’s railway infrastructure operator.
The Cyber Express
CISA Adds Two Critical Vulnerabilities to Watchlist: CVE-2023-7024 and CVE-2023-7121
CISA has added two additional vulnerabilities to its Known Exploited Vulnerabilities Catalog for January 2024. The two additions have been
The Cyber Express
BianLian Ransomware Group Strikes Again, Targeting Two US-Based Companies
The BianLian ransomware attack has allegedly targeted two more victims, Cislo & Thomas LLP and Image Craft. The dark web
Bleeping Computer
Git patches two critical remote code execution security flaws
Git has patched two critical severity security vulnerabilities that could allow attackers to execute arbitrary code after successfully exploiting heap-based buffer overflow weaknesses.
DataBreaches
Personal Data Protection Commissioner of Singapore announces two decisions
The Personal Data Protection Commissioner of Singapore (PDPC) announced two decisions this week: A financial penalty of $3,000 was imposed on Autobahn Rent A...
Security Affairs
Apple fixed two new zero-day flaws exploited by threat actors
Apple addressed two zero-day vulnerabilities, exploited by threat actors, affecting iOS, iPadOS, and macOS devices. Apple this week released security updates for iOS, iPadOS, and macOS platforms to address two zero-day vulnerabilities exploited by threat actors. Apple did not share details about these attacks. The two flaws are: CVE-2022-32893 – An out-of-bounds issue in WebKit which. An attacker can trigger the […]
Security Affairs
Two Estonian citizens arrested in $575M cryptocurrency fraud scheme
Two Estonian citizens were arrested in Tallinn for allegedly running a $575 million cryptocurrency fraud scheme. Two Estonian nationals were arrested in Tallinn, Estonia, after being indicted in the US for running a fraudulent cryptocurrency Ponzi scheme that caused more than $575 million in losses. According to the indictment, Sergei Potapenko and Ivan Turõgin, both […]
Latest Hacking News
WhatsApp Fixed Two Serious Vulnerabilities With September Update
Heads up, WhatsApp users! It’s time to update WhatsApp on your devices as the latest version addresses two severe security flaws. Exploiting the vulnerabilities could allow an adversary to perform RCE attacks and take control
Computerworld
Microsoft fixes two zero-days with Patch Tuesday release
Microsoft pushed out 73 updates in February's Patch Tuesday release, including fixes for two actively exploited zero-day flaws in Microsoft Outlook and Microsoft Exchange.
SecurityWeek
Emergency Firefox Update Patches Two Actively Exploited Zero-Day Vulnerabilities
Mozilla over the weekend issued an emergency security update for Firefox to address two zero-day vulnerabilities that have been exploited in attacks.
Security Affairs
Experts disclosed two critical flaws in Alibaba cloud database services
Researchers disclosed two critical flaws in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL. Researchers from cloud security firm Wiz discovered two critical flaws, collectively dubbed BrokenSesame, in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL. ApsaraDB RDS is a managed database hosting service, meanwhile, AnalyticDB for PostgreSQL is a managed […]
Bleeping Computer
Estée Lauder beauty giant breached by two ransomware gangs
Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks.
Bleeping Computer
Google pushes emergency Chrome update to fix two zero-days
Google has released Chrome 94.0.4606.71 for Windows, Mac, and Linux, to fix two zero-day vulnerabilities that have been exploited by attackers.
The Hacker News
Two High-Risk Security Flaws Discovered in Curl Library - New Patches Released
Security Advisory : Two major security flaws in the Curl data transfer library exposed.
Security Affairs
Microsoft fixed two zero-day flaws exploited in malware attacks
Microsoft addressed two zero-day vulnerabilities (CVE-2024-29988 and CVE-2024-26234) actively exploited by threat actors to deliver malware
Loading more articles....