Tesla is one of several organizations to remedy cross-origin resource sharing (CORS) misconfigurations after security researchers proved they could exfiltrate data from the carmaker’s internal network. That’s according...
Developers are being urged to rotate secrets and API tokens following the discovery of a breach at popular DevOps platform CircleCI. CircleCI, which offers a platform for continuous...
The web applications and APIs of major car manufacturers, telematics (vehicle tracking and logging technology) vendors, and fleet operators were riddled with security holes, security researchers warn. In...
Most IT security professionals will focus on improving “detect” and “respond” capabilities, amidst concern over increasing costs and regulatory pressures, according to Deepwatch. The report found...
The cybersecurity industry will undergo some significant changes in 2023. As more systems get connected, we can expect to see more outages. We probably won’t see...
Taiwan-based NAS maker Synology has addressed a maximum (10/10) severity vulnerability affecting routers configured to run as VPN servers. The vulnerability, tracked as CVE-2022-43931, was discovered...
The Royal ransomware gang has claimed responsibility for a recent cyberattack on the Queensland University of Technology and begun to leak data allegedly stolen during the...
U.S. rail and locomotive company Wabtec Corporation has disclosed a data breach that exposed personal and sensitive information. Wabtec is a U.S.-based public company producing state-of-the-art...
A new phishing campaign is exploiting the increasing interest of security community members towards Flipper Zero to steal their personal information and cryptocurrency. Flipper Zero is...
Password reuse continues to be a threat to companies everywhere—a recent report found that 64% of people continue to use passwords that have been exposed in a breach....