Android 0-Day Vulnerability warnings intensified as CISA added two Android Framework flaws to the CISA Known Exploited Vulnerabilities catalog. The agency confirmed active exploitation. The vulnerabilities affect Android …
-
-
News & ResourcesIdentity and Access Management
ServiceNow Veza Acquisition: $1 Billion Identity Security Platform Deal
The ServiceNow Veza acquisition is reportedly a $1 billion move to bolster identity security and access governance across enterprise environments. ServiceNow intends to embed Veza’s authorization intelligence into …
-
DDoS attack volume surged to record levels in Q3, led by the Aisuru botnet, Cloudflare reported. Peaks reached 29.7 Tbps and 14.1 billion pps, stressing global networks. Cloudflare …
-
Endpoint & Network SecurityNews & Resources
Microsoft Silently Patches Exploited LNK Vulnerability Exploit Without Public Disclosure
LNK vulnerability exploit activity prompted Microsoft to ship silent mitigations after confirmed abuse of Windows shortcut files. SecurityWeek reported the company acknowledged the change without a standard advisory …
-
Data BreachesNews & Resources
RPO Cybersecurity Incident: Orchestra Works With Experts After October Breach
The RPO cybersecurity incident in October caused a limited network disruption while core donor systems remained unaffected. The Rochester Philharmonic Orchestra restored access and remediated impacted components. The …
-
News & ResourcesBusiness & Enterprise
CrowdStrike Earnings Beat Estimates As Cybersecurity Stock Gains Momentum
CrowdStrike earnings topped expectations for the October-ended third quarter, driven by demand for endpoint and platform security. The company reported adjusted EPS of $0.96, up 3% year over …
-
News & ResourcesThreat Intelligence
Congressional Response To Salt Typhoon Cybersecurity Emphasises Industry Information Sharing
Salt Typhoon cybersecurity is driving a renewed push in Congress to expand information sharing with telecom providers after a year of intrusions across major U.S. networks. At a …
-
News & Resources
Submarine Cable Cybersecurity: Protecting Critical Infrastructure From Global Threats
Submarine cable cybersecurity is now central to safeguarding the world’s primary internet backbone. Recent disruptions underscore escalating physical and cyber risks to undersea networks. Operators and governments are …
-
News & ResourcesNation-State Attack
Iran-Linked MuddyViper Backdoor Attacks Target Israeli Critical Infrastructure Sectors
MuddyViper backdoor attacks are hitting Israeli academia, manufacturing, utilities and local government in a coordinated campaign attributed to MuddyWater. ESET tracked the activity to Iran-linked operators and observed …
-
News & ResourcesAi and Machine LearningApplication Security
OpenAI Vulnerability In Windsurf Coding Agent Threatens Developer Security
OpenAI vulnerability headlines returned after SecurityWeek detailed a flaw in the Windsurf coding agent that could expose developers to attack. The issue involves crafted content steering agent actions …