Tesla is one of several organizations to remedy cross-origin resource sharing (CORS) misconfigurations after security researchers proved they could exfiltrate data from the carmaker’s internal network. That’s according...
Developers are being urged to rotate secrets and API tokens following the discovery of a breach at popular DevOps platform CircleCI. CircleCI, which offers a platform for continuous...
The web applications and APIs of major car manufacturers, telematics (vehicle tracking and logging technology) vendors, and fleet operators were riddled with security holes, security researchers warn. In...
Most IT security professionals will focus on improving “detect” and “respond” capabilities, amidst concern over increasing costs and regulatory pressures, according to Deepwatch. The report found...
Raj Samani, SVP, Chief Scientist, Rapid7, discusses the tactics observed from a recent case of espionage, and what can be learned from such observations. This video was...
The cybersecurity industry will undergo some significant changes in 2023. As more systems get connected, we can expect to see more outages. We probably won’t see...
If you’re interested in penetration testing and digital forensics, you know that Kali Linux is worth a try. And if you’re already doing it, chances are good you...
Taiwan-based NAS maker Synology has addressed a maximum (10/10) severity vulnerability affecting routers configured to run as VPN servers. The vulnerability, tracked as CVE-2022-43931, was discovered...
The Royal ransomware gang has claimed responsibility for a recent cyberattack on the Queensland University of Technology and begun to leak data allegedly stolen during the...
Threat actors behind a recent malware campaign have been using the stolen information of bank customers in Colombia as lures in phishing emails designed to infect...