Rezilion researchers discovered that the attack surface for the critical Log4Shell zero-day flaw in the Apache Log4j library continues to be significant four months since its discovery, according to BleepingComputer.
Malicious actors have been actively exploiting a critical security flaw impacting several products of enterprise software development solutions vendor WSO2, which are being utilized by various major companies around the world, reports SecurityWeek.
Cybersecurity mergers and acquisitions may reach record-highs this year, with M&A activity already reaching nearly $27 billion in the first quarter of 2022 alone, compared with $70.4 billion and $27.5 billion for the entirety of 2021 and 2020, respectively, reports SecurityWeek.
In addition to testing for accuracy and equity, the GSA study will also look at how different vendor products perform and match up to NIST standards when it comes to the non-biometric aspects of identity assurance.
Iranian threat actor Rocket Kitten has been distributing the Core Impact penetration testing tool by exploiting a remote code execution flaw in VMware Workspace ONE Access and Identity Manager, which was already addressed by VMware early this month, The Hacker News reports.
More than 500,000 individuals had their data compromised following a cyberattack at Adaptive Health Integrations, a healthcare billing services firm in North Dakota, KVRR reports.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
