BleepingComputer reports that French government agencies, universities, businesses, research institutes, and think tanks had their networks compromised by Russian state-sponsored threat operation APT28, also known as Fancy Bear and Strontium, in cyberespionage attacks that commenced during the last six months of 2021.
Vulnerable Citrix NetScaler Application Delivery Controller and NetScaler Gateway instances impacted by the recently remediated critical severity Citrix Bleed information disclosure bug, tracked as CVE-2023-4966, could have their authentication session cookies stolen and be hijacked through a new proof-of-concept exploit discovered by Assetnote researchers, reports BleepingComputer.
University researchers say most Apple macOS and IOS devices are vulnerable to iLeakage, but security pros say most companies are not at high risk because exploiting the flaw requires highly skilled reverse engineering skills.
This week, we discuss Island's raise, unicorn status, and what that means for both the enterprise browser market and the cybersecurity market in general. We discuss Censys and the state of the external attack surface management market, or what they're trying to call, "exposure management". We discuss the details of the Okta breach in depth, and why...
In the age of remote and hybrid work, employees are now spending most of their time in the browser or virtual meetings, making the browser an increasingly important part of an enterprise's security strategy. According to Gartner, “By 2030, enterprise browsers will be the core platform for delivering workforce productivity and security software on m...
What does it take to achieve excellent attack surface management in the age of digital transformation?Protecting complex attack surfaces is difficult and often requires cyber tools that have complementary capabilities. Good cyber hygiene, effective configuration management that enforces cybersecurity policies, and continuous monitoring of cyber to...
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.