Cisco fixed three critical flaws impacting IOS XE operating system powering some of its devices, such as routers and wireless controllers. Cisco has addressed three critical vulnerabilities impacting its IOS XE operating system powering multiple products, including routers and wireless controllers. The most severe of these vulnerabilities is a Remote C

Cloud application and security solutions provider F5 this week announced that it has agreed to acquire threat detection firm Threat Stack for $68 million in cash. Threat Stack provides a platform that monitors cloud, hybrid cloud, multi-cloud, and containerized environments, and can automatically correlate events to identify suspicious activity.Threat S

A major U.S. port was the target last month of suspected nation-state hackers, according to officials.The Port of Houston, a critical piece of infrastructure along the Gulf Coast, issued a statement Thursday saying it had successfully defended against an attempted hack in August and “no operational data or systems were impacted.”Cybersecurity and Infrastruct

Schools in the US have been using surveillance software to keep an eye on their students, and such software has grown significantly in popularity since the COVD-19 pandemic closed campuses nationwide. And this is fine—at least according to new research released by the Center for Democracy & Technology (CDT) as a majority of parents (62 percent) and

Author: Robert Graham (@erratarob)Later today (Friday, September 24, 2021), Republican auditors release their final report on the found with elections in Maricopa county. Draft copies have circulated online. In this blogpost, I write up my comments on the cybersecurity portions of their draft.https://arizonaagenda.substack.com/p/we-got-the-senate-audit-repor

A user on a popular hacker forum is selling a database that purportedly contains 3.8 billion Clubhouse and Facebook user records. Original Post @CyberNews https://cybernews.com/security/3-8-billion-allegedly-scraped-and-merged-clubhouse-and-facebook-user-records-put-for-sale-online/ A user on a popular hacker forum is selling a database that purportedl

SonicWall has patched a critical security flaw impacting several Secure Mobile Access (SMA) 100 series products that can let unauthenticated attackers remotely gain admin access on targeted devices.The SMA 100 series appliances vulnerable to attacks targeting the improper access control vulnerability tracked as CVE-2021-20034 includes SMA 200, 210, 400, 410,

September 24, 2021 5 0 Author: Matthew Turner Dark Web Forums: What are They and How to Find Them “Dark

A new report claims that telltale signs of Pegasus spyware have been identified on at least five current French cabinet ministers’ mobile phones.The phones reportedly belonged to Jean-Michel Blanquer, Julien Denormandie, Jacqueline Gourault, Sébastien Lecornu, and Emmanuelle Wargon. Few additional details are known at this time.This news comes just t

Researchers spotted a new cyberespionage group, dubbed FamousSparrow, that used ProxyLogon exploits to target hotels worldwide. Researchers from ESET discovered a new cyberespionage group, tracked as FamousSparrow, that has been targeting hotels worldwide around the world since at least 2019. The group also hit higher-profile targets such as law firms, g

Cisco this week announced the availability of patches for a series of critical vulnerabilities in IOS XE software that could be exploited to execute arbitrary code remotely, cause denial of service, or manipulate device configuration.The most severe of these issues is CVE-2021-34770 (CVSS score of 10), which could lead to remote code execution without authen

Third-party risk management solutions provider Panorays on Thursday announced raising $42 million in a Series B funding round.The funding was led by Greenfield Partners, with participation from Aleph, Oak HC/FT, BlueRed Partners (Singapore), Greenspring Associates (acquired by StepStone Group), and Moneta VC. The New York- and Israel-based company says it wi

Client-side web security provider Jscrambler on Thursday announced that a $15 million Series A financing round led by Ace Capital Partners. Existing investors Sonae IM and Portugal Ventures also participated.The company said the investment will be used to expand marketing and sales initiatives in the United States and across Europe, as well as accelerate pro

Google has shared the phase-out timeline for Manifest V2 Chrome extensions and its plans to bring Manifest V3 to full feature parity.Extension capabilities are restricted using a mechanism called extension manifest. Google made available the new version, Manifest V3, when Chrome 88 was announced earlier this year.Google first reveale

Apple on Thursday confirmed a new zero-day exploit hitting older iPhones and warned that the security vulnerability also affects the macOS Catalina platform.This is the 16th documented in-the-wild zero-day exploitation of security defects in Apple’s iOS and macOS platforms so far this year.“Apple is aware of reports that an exploit for this issue exists in t