CyberRisk TV speaks with Menlo Security's Andrew Harding at the Black Hat 2024 conference in Las Vegas on how threat actors have moved towards exploiting browsers as other services become more secure.
Included in the severe Roundcube vulnerabilities were the cross-site scripting issues, tracked as CVE-2024-42008 and CVE-2024-42009, as well as the information disclosure bug, tracked as CVE-2024-42010, an analysis from Sonar revealed.
This week, Downgrade attacks, bootloader fun, check your firmware before you wreck your firmware, you've got mail server issues, Ivanti is the new Rhianna, you should update your BIOS, Openwrt dominates, and attacking the security tools for fun and profit!
Attackers using an email address similar to one of the organization's suppliers were able to lure the firm to pay $42.3 million to a Timor Leste-based account, which was only realized to be fraudulent after complaints from the real supplier, reported Interpol.
Every mobile device connecting to enterprise assets hosts a unique blend of work and personal apps, creating a complex landscape of innumerable vulnerabilities. Thankfully, methods exist to provide security teams with the real-world insights necessary to proactively address threats and shield against attacks targeting mobile apps and device endpoin...
Employees spend up to 80% of their working hours in a web browser, and threat actors are increasingly leveraging browsers to target users and initiate attacks. Disrupting the tool employees use for 80% of their job would have massive impact on productivity. Rather than ripping and replacing, enterprises can turn any browser into a secure enterprise...