Search results

Популярный поставщик корпоративных услуг Zoom объявил о внедрении постквантового сквозного шифрования (E2EE) для собраний Zoom, а в будущем появится поддержка Zoom Phone и Zoom Rooms. "По мере того, как враждебные угрозы становятся все более изощренными, возрастает и необходимость защиты...

Тайваньская компания QNAP выпустила исправления для набора недостатков средней степени тяжести, влияющих на QTS и QuTS hero, некоторые из которых могут быть использованы для выполнения кода на своих устройствах сетевого хранилища (NAS). Ниже перечислены проблемы, влияющие на QTS 5.1.x и QuTS...

Неизвестный участник угрозы использует известные недостатки системы безопасности Microsoft Exchange Server для развертывания вредоносного ПО-кейлоггеру в атаках, нацеленных на организации в Африке и на Ближнем Востоке. Российская компания по кибербезопасности Positive Technologies заявила, что...

Исследователи кибербезопасности обнаружили новую кампанию криптоджекинга, в которой уязвимые драйверы используются для отключения известных решений безопасности (EDR) и предотвращения обнаружения в так называемой атаке "Принеси свой собственный уязвимый драйвер" (BYOVD). Elastic Security Labs...

С тех пор, как три года назад был выпущен первый выпуск окончательного контрольного списка управления состоянием безопасности SaaS (SSPM), корпоративное распространение SaaS растет двузначными темпами. На крупных предприятиях количество используемых сегодня приложений SaaS исчисляется сотнями...

Rockwell Automation призывает своих клиентов отключить все промышленные системы управления (ICSS), не предназначенные для подключения к общедоступному Интернету, чтобы предотвратить несанкционированную или вредоносную киберактивность. Компания заявила, что выпускает рекомендацию из-за...

Исследователи кибербезопасности раскрыли подробности о ранее недокументированной группе угроз под названием Unfading Sea Haze, которая, как полагают, была активна с 2018 года. Вторжение затронуло организации высокого уровня в странах Южно-Китайского моря, особенно военные и правительственные...

The company did not go along with the ransomware, but the attackers made their move. The LockBit group has claimed responsibility for a cyberattack on the Canadian drugstore chain London Drugs and is now threatening to publish the stolen data after failed negotiations. The April 28 cyberattack...

Human rights activists have revealed the dangers behind the unpunished collection of DNA. The US Department of Homeland Security (DHS) has collected the DNA of more than 1.5 million immigrants over the past 4 years and placed them in a database used for crime investigations, which has caused a...

A recent study uncovered surveillance on an unprecedented scale. Researchers from the University of Maryland have identified serious security and privacy issues in the geolocation systems of Apple and Starlink. In the course of the study, it became clear that the data that companies collect and...

Will the corporation be able to buy off a high-profile case that is full of interesting details? In an effort to avoid a jury trial in the case of monopolizing online advertising, Google made a decision that, according to the corporation, is the most logical: write a check to the US Department...

It seems that the company has decided to take a more responsible approach to security issues. No sooner did we publish yesterday's news that Watchtower Labs researchers accused the company in QNAP of being slow to respond to responsible vulnerability disclosure, but today it became known that...

The malicious CLOUD # REVERSER operation exploits legitimate cloud services to bypass detection. Securonix researchers have discovered a new cyberattack campaign called CLOUD # REVERSER. In this operation, attackers use legitimate cloud services, such as Google Drive and Dropbox, to place...

Jeff Houston explains what's wrong with a popular satellite Internet provider. SpaceX's Starlink satellite Internet service represents an "extremely unfavorable environment" for the widely used TCP protocol. This assessment was given by Jeff Houston, chief researcher at the Asia-Pacific Center...

Major IT companies are committed to responsible technology development. 16 world leaders in AI, including Google, Microsoft, IBM and OpenAI, have signed commitments to deactivate their technologies in the event of their potential dangerous impact. The event took place in South Korea at the AI...

The largest blockchain gaming platform should reconsider its approach to cybersecurity. One of the leading gaming platforms on the blockchain, Gala Games, was the victim of a large-scale hack, which has almost no analogues in the industry. According to the founder of Gala Games, Eric...

Update the software you are using before hackers use it for malicious purposes. GitHub has released patches to address a serious vulnerability in GitHub Enterprise Server (GHES) that could allow attackers to bypass authentication systems. The vulnerability, identified as CVE-2024-4985 with a...

Qrator Labs has submitted a quarterly report on DDoS attacks for 2024. Qrator Labs has published a report "Overview of DDoS attacks by vectors in absolute and mixed values" for the first quarter of 2024. Experts have improved the method of collecting data on Internet threats, focusing only on...

Cyber bandits don't even need to know your credentials to compromise your system. Veeam encourages all users of Veeam Backup Enterprise Manager to update their software to the latest version due to a critical vulnerability that allows attackers to bypass authentication protection. Veeam Backup...

Who is terrorizing government organizations and what is their purpose? According to a study by SentinelOne, ideologically motivated hacker groups are increasingly trying to destabilize the situation in the Philippines through cyber attacks. In particular, the Ikaruz Red Team hacktivist...