Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems
Keywords/Tags: Vulnerabilities, vulnerability Article Source: SecurityWeek A critical OS command injection in Progress Flowmon can be exploited to gain remote, unauthenticated access to the system. The post Critical Vulnerability in…
US Cancer Center Data Breach Impacting 800,000
Keywords/Tags: Data Breaches, data breach Article Source: SecurityWeek City of Hope is notifying 800,000 individuals of a data breach impacting their personal and health information. The post US Cancer Center…
Pixel Phone Zero-Days Exploited by Forensic Firms
Keywords/Tags: Mobile & Wireless, exploited, Pixel Article Source: SecurityWeek Google this week patched two Pixel phone zero-day vulnerabilities actively exploited by forensic companies to obtain data from devices. The post…
SurveyLama Data Breach Impacts 4.4 Million Users
Keywords/Tags: Data Breaches, data breach Article Source: SecurityWeek Data breach impacting users’ personal information prompts survey rewards platform SurveyLama to reset passwords. The post SurveyLama Data Breach Impacts 4.4 Million…
Cloud Threat Detection Firm Permiso Raises $18 million
Keywords/Tags: Cloud Security, Cybersecurity Funding, cloud security, funding Article Source: SecurityWeek Cloud security firm provides a detection platform able to detect and predict the likely behavior of ‘bad’ identities. The…
Zoom Paid Out $10 Million via Bug Bounty Program Since 2019
Keywords/Tags: Vulnerabilities, bug bounty program, Zoom Article Source: SecurityWeek Video conferencing giant Zoom has paid out $10 million through its bug bounty program since it was launched in 2019. The…
New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset
Keywords/Tags: Network Security, DDoS, DoS Article Source: SecurityWeek New HTTP/2 DoS method named Continuation Flood can pose a greater risk than Rapid Reset, which has been used for record-breaking attacks.…
Microsoft’s Security Chickens Have Come Home to Roost
Keywords/Tags: Cloud Security, Government, Nation-State, China APT, CSRB, M365, Microsoft Article Source: SecurityWeek News analysis: SecurityWeek editor-at-large Ryan Naraine reads the CSRB report on China’s audacious Microsoft’s Exchange Online hack…
CVE and NVD – A Weak and Fractured Source of Vulnerability Truth
Keywords/Tags: Vulnerabilities, CVE, Featured, MITRE, NVD, vulnerabilities Article Source: SecurityWeek MITRE is unable to compile a list of all new vulnerabilities, and NIST is unable to subsequently, and consequently, provide…
Know Your Audience When Speaking to Security Practitioners
Keywords/Tags: Artificial Intelligence, Management & Strategy, Security Vendors Article Source: SecurityWeek How can security practitioners make sense of the vendor landscape and separate those who talk a good game from…