Atlassian has issued a patch for its Confluence workspace collaboration tool, which is being targeted in the wild with a zero-day vulnerability that gives attackers unauthenticated remote code execution privileges. The vulnerability has a CVSS score of 10 out of 10 for criticality.
Devo has closed its Series F round and notched a $2 billion valuation to incorporate more capabilities into its SOC via acquisition. The company plans to use the $100 million to buy companies that will provide customers with additional intelligence on top of Devo's data for specific use cases.
Digital trust: It's the present and immediate future of how enterprises and customers do business, says Brendon O'Donovan of TeleSign. But what are the fundamentals to create it and the tools to ensure it throughout the customer relationship?
U.S. government agencies have issued a warning to organizations in the country against paying ransom to the Karakurt data extortion group. The threat actor's promises to delete stolen data and not disclose the security incident to the public if its demands are met are false, the agencies say.
A zero-day vulnerability in Atlassian Confluence, a workspace collaboration tool that serves millions of daily active users, is being targeted in the wild. The flaw, according to the company's security advisory, gives attackers unauthenticated remote code execution privileges.
Android spyware FluBot's infrastructure was disrupted by the Dutch police as part of a multinational law enforcement operation in May, rendering this strain of malware inactive, Europol says. The agency is continuing its probe into identifying the actors responsible for the malware campaign.
In the latest weekly update, four ISMG editors discuss important cybersecurity issues, including the trending topics at this year's RSA Conference, how security researchers are tracking a zero-day vulnerability in Microsoft Office and what Broadcom's acquisition of VMware means for security.
Okta's competitive win rates and renewal rates weren't measurably affected by the Lapsus$ cyberattack that came to light in March. The company looked through hundreds of opportunities with customers and prospects to see if any of the potential sales had been delayed or canceled due to the breach.
Lookout has bought password management provider SaferPass to provide carriers distributing the company's consumer app with more capabilities in a single place. Lookout wants to take SaferPass's technology beyond its existing base of consumer and SMB customers and bring it to large enterprises.
The U.S. has conducted offensive cyber activities in support of Ukraine, Cyber Command Director Gen. Paul Nakasone reportedly said on Wednesday at the NATO Cooperative Cyber Defense Center of Excellence conference. The White House says these operations do not violate historic policies with Moscow.
The 15th edition of the annual Verizon Data Breach Investigations Report examines the rapid growth in ransomware, along with other threat vectors. Chris Novak, global director of the Threat Research Advisory Center at Verizon Business Group, discusses key findings and reviews the security landscape.
The latest edition of the ISMG Security Report discusses how security researchers have warned of a new attack campaign targeting 1,200 cloud-based Elasticsearch databases. It also revisits the Kaseya supply chain attack and examines how we can mitigate mobile phone fraud.
ReliaQuest has agreed to buy Digital Shadows for $160 million to infuse its security operations platform with threat intelligence, attack surface management, and dark web monitoring. The deal will give clients more visibility and context around threats facing their networks, endpoints and cloud.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.