Yubico Issues Security Advisory As 2FA Bypass Vulnerability Confirmed
Yubico has confirmed a partial 2FA bypass issue could impact some YubiKey customers—here’s what you need to know.
The Hacker News6d
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
This week in cybersecurity: zero-day exploits, advanced malware, and the latest hacking tricks you need to know about.
The Hacker News4d
Google OAuth Vulnerability Exposes Millions via Failed Startup Domains
The San Francisco-based company said the issue has the potential to put millions of American users' data at risk simply by ...
Microsoft5d
Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions
Microsoft discovered a macOS vulnerability allowing attackers to bypass System Integrity Protection (SIP) by loading third ...
Deep2h
Contrast Security Launches AVM to Enhance Application and API Security in Real-Time
AVM provides an alternative, allowing SecOps and DevOps teams to see what actual vulnerabilities exist in production ...
Cautious Hold on Tenable Holdings Amid Market Uncertainties and Strategic Opportunities
Adam Borg, an analyst from Stifel Nicolaus, has initiated a new Hold rating on Tenable Holdings (TENB).Stay Ahead of the Market:Discover ...
TMCnet3d
Contrast Security Launches New Capabilities of Application Detection and Response to Catch Vulnerabilities in Production Before Attack
Contrast Security, the runtime security leader, today announced the release of Application Vulnerability Monitoring (AVM), a new capability of Application Detection and Response (ADR).
CRN Australia3d
ACSC warns about critical, exploited Fortinet firewall vulnerability
Australia's official cybersecurity watchdogs are alerting that a critical vulnerability that affects Fortinet firewalls is ...
macOS flaw that allowed attackers to bypass core system protections is now fixed
A macOS vulnerability exposed Apple devices to severe security risks by bypassing System Integrity Protection, but a security ...
Energy Central6d
Here’s how we can chop a couple of years off the wait for the “Cloud CIP” standards
I have posted recently on the need to rewrite two NERC CIP requirements: CIP-007 Requirement R2 (patch management) and ...
New Contrast Security tools targets vulnerabilities in production environments
Application security startup Contrast Security Inc. today announced the release of Application Vulnerability Monitoring, a ...
UK domain registry Nominet confirms breach via Ivanti zero-day
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was ...