End-to-End Secrets Security: Making a Plan to Secure Your Machine Identities

01/07/2024 0 Comments 0 tags

At the heart of every application are secrets. Credentials that allow human-to-machine and machine-to-machine communication. Machine identities outnumber human identities by a factor of 45-to-1 and represent the majority of

Juniper Networks Releases Critical Security Update for Routers

01/07/2024 0 Comments 0 tags

Juniper Networks has released out-of-band security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE-2024-2973,

Google to Block Entrust Certificates in Chrome Starting November 2024

29/06/2024 0 Comments 0 tags

Google has announced that it’s going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

28/06/2024 0 Comments 0 tags

GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user.

Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data

28/06/2024 0 Comments 0 tags

The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that’s designed to steal sensitive information as part of

New SnailLoad Attack Exploits Network Latency to Spy on Users’ Web Activities

28/06/2024 0 Comments 0 tags

A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user’s web

Combatting the Evolving SaaS Kill Chain: How to Stay Ahead of Threat Actors

28/06/2024 0 Comments 0 tags

The modern kill chain is eluding enterprises because they aren’t protecting the infrastructure of modern business: SaaS.  SaaS continues to dominate software adoption, and it accounts for the greatest share

8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining

28/06/2024 0 Comments 0 tags

Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. “The threat actor employs

TeamViewer Detects Security Breach in Corporate IT Environment

28/06/2024 0 Comments 0 tags

TeamViewer on Thursday disclosed it detected an “irregularity” in its internal corporate IT environment on June 26, 2024. “We immediately activated our response team and procedures, started investigations together with

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment

28/06/2024 0 Comments 0 tags

Multiple security flaws have been disclosed in Emerson Rosemount gas chromatographs that could be exploited by malicious actors to obtain sensitive information, induce a denial-of-service (DoS) condition, and even execute