Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability. Tracked as CVE-2023-43208, the vulnerability has been addressed in version 4.4.1 released on…
Tag: EN
Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks
The Iranian threat actor known as Tortoiseshell has been attributed to a new wave of watering hole attacks that are designed to deploy a malware dubbed IMAPLoader. “IMAPLoader is a .NET malware that has the ability to fingerprint victim systems using native…
The Danger of Forgotten Pixels on Websites: A New Case Study
While cyberattacks on websites receive much attention, there are often unaddressed risks that can lead to businesses facing lawsuits and privacy violations even in the absence of hacking incidents. A new case study highlights one of these more common cases. …
Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw
Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw called HTTP/2 Rapid Reset, 89 of which exceeded 100 million requests per second (RPS). “The campaign contributed to an overall increase…
Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware
The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts and breach organizations across the world. Microsoft, which disclosed the activities of…
Europol: Police Must Start Planning For Post-Quantum Future
New report highlights challenges and opportunities ahead This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Europol: Police Must Start Planning For Post-Quantum Future
UK IT Pros Express Concerns About C-Suite’s Generative AI Ambitions
93% of professionals express concerns about their company’s C-suite ambitions for generative AI This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK IT Pros Express Concerns About C-Suite’s Generative AI Ambitions
#ISC2Congress: CISOs Can Elevate Their Role with New Cyber Regulations
New regulations, such as the recent SEC incident reporting requirements, offer huge opportunities for CISOs to boost their influence This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: #ISC2Congress: CISOs Can Elevate Their Role with New Cyber Regulations
#ISC2Congress: CISO Best Practices for Managing Cyber Risk
Two leading CISOs provide best practice tips for CISOs on undertaking a sustainable cyber risk management program This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: #ISC2Congress: CISO Best Practices for Managing Cyber Risk
Operation Triangulation iOS Attack Details Revealed
Kaspersky said the attack exploited five vulnerabilities, four of which were unknown zero-days This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Operation Triangulation iOS Attack Details Revealed