December 13, 2022 IT administrators with applications from Atlassian — including Jira, Confluence, Trello and BitBucket — are being warned of a vulnerability in their session cookies. The way to close this serious hole is to make sure more...
December 13, 2022 Three hundred and sixty-five days of angst is a good description of the job of an infosec pro. Whether working for a well-funded bank or a fledgling startup, IT security professionals are exhausted every day. more...
December 13, 2022 Uber has suffered a data breach after a third-party vendor, Teqtivity AWS backup server, was compromised. Uber experienced yet another data breach, with a hacker sharing the stolen information on BreachForums, the successor forum to more...
December 12, 2022 Since the compromise of the SolarWinds Orion update mechanism two years ago this month, governments and the IT industry have made strides in trying to reduce the attack surface of applications. However, Google believes software more...
December 12, 2022 Security researchers picked up US$989,750 in prizes for demonstrating 63 unique zero day vulnerabilities in consumer and small office products during the four-day Toronto edition of the Pwn2Own hacking contest. The biggest bundle of cash more...
December 12, 2022 Cisco Talos, a cybersecurity research firm, has reported an increase in TrueBot infections, primarily targeting Mexico, Brazil, Pakistan, and the United States. Recent attacks made use of a now-patched vulnerability (CVE-2022-31199) in Netwrix Auditor, an more...
December 12, 2022 Welcome to Cyber Security Today. It’s Monday, December 12th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. Just shy of US$1 million in prize money was awarded to security researchers at the end more...
December 12, 2022 Welcome to Cyber Security Today. It’s Monday, December 12th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. Just shy of US$1 million in prize money was awarded to security researchers at the end more...
December 12, 2022 Mordechai Guri, a security researcher known for inventing inventive ways to siphon data from computers that aren't connected to the internet, has discovered a new exploit that can exfiltrate data to a nearby smartphone. It more...
December 12, 2022 Claroty experts created a generic method for circumventing a variety of leading manufacturers' web application firewalls (WAF). The technique, developed by Claroty's threat research team Team82, is generic, which means it can be used against more...
