The House of Lords in the UK is urging the government to enact legislation regarding the use of facial recognition technology by law enforcement agencies. Baroness Hamwee, chair of the House of Lords Justice and Home Affairs Committee, expressed grave ...

During the recent Tripwire Energy and NERC Compliance Working Group, a session was conducted to showcase some useful insights and methods for optimizing the latest version of Tripwire State Analyzer (TSA) to better suit your organization’s needs. The most recent ...

Cloud security optimization involves the meticulous selection and allocation of appropriate resources to workloads or applications, aiming to minimize costs while enhancing performance and efficiency. These resources encompass computational power, memory, storage, and network capabilities. The process of cloud optimization ...

Despite the escalating frequency of data breaches, ransomware incidents, and assorted cyber perils, persuading Boards of Directors to invest in robust cybersecurity measures remains a challenge for many businesses. This hurdle primarily stems from the necessity to demonstrate tangible Return ...

At the turn of the millennium, cybercrime was scarcely a concern. The Good Friday Agreement was fresh, the US had just expelled a Russian diplomat for espionage, and fears of the Y2K bug loomed. It wasn’t until five months later ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of a significant Adobe ColdFusion vulnerability by unidentified threat actors aiming to gain initial access to government servers. CISA stated, “The ColdFusion vulnerability (CVE-2023-26360) ...

An urgent Bluetooth security flaw has surfaced, posing a significant threat to Android, Linux, macOS, and iOS devices. Identified as CVE-2023-45866, the flaw centers around an authentication bypass issue, allowing attackers to establish connections with vulnerable devices and inject keystrokes ...

Recently disclosed technical details shed light on two security vulnerabilities in Microsoft Windows that have since been patched, but could still be combined by malicious actors to achieve remote code execution on the Outlook email service without any user interaction. ...

A recently addressed security loophole in Microsoft Outlook has been identified as a potential avenue for threat actors to obtain NT LAN Manager (NTLM) v2 hashed passwords when accessing a specially designed file. This security concern, denoted as CVE-2023-35636 (CVSS ...

Information-stealing malware is actively leveraging an undocumented Google OAuth endpoint called MultiLogin to hijack user sessions, allowing continuous access to Google services even after a password reset. CloudSEK reports that this critical exploit facilitates session persistence and cookie generation, empowering ...