CyberSecurity Blog

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 01, 2023 US CISA added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The two issues are: CVE-2023-6345 –…
Read more

The Final FFIEC Guidance has been issued and its main intent is to reinforce the 2005 Guidance’s risk management framework and update the Agencies’ expectations regarding customer authentication, layered security, or other controls in the increasingly hostile online environment. The post FFIEC Final Authentication Guidance appeared first on DanTechServices, Inc.http://dlvr.it/SzY658

Meta’s terms for data collection are still too vague, consumer groups allege. The post Meta’s “overpriced” ad-free subscriptions make privacy a “luxury good”: EU suit appeared first on DanTechServices, Inc.http://dlvr.it/SzXVPb

Also: Treasury Calls for Stronger Sanctions Powers; Aerodrome, Velodrome Hacks This week, a KyberSwap hacker demanded total control, the U.S. Treasury called for additional tools to sanction crypto baddies, the Aerodrome and Velodrome DeFi platforms’ front ends were hacked, a scam-as-a-service wallet drainer shut down, Indexed Finance thwarted hijacking attempts, and more.http://dlvr.it/SzXGyq

ICYMI: Hacktivists Leak Sensitive Employee Information From Idaho National LaboratoryThe hacktivist group SiegedSec has taken responsibility for a massive data breach targeting Idaho National Laboratory, a leading nuclear energy testing lab. Concerns are now growing over what data was stolen from the laboratory – and who might have access to it. The post Leading Nuclear…
Read more

ICYMI: Citrix provides additional measures to address Citrix Bleed Pierluigi Paganini November 22, 2023 Citrix urges admins to kill NetScaler user sessions after patching their appliances against the CVE-2023-4966 Citrix Bleed vulnerability. Citrix is providing additional measures to admins who are patching their NetScaler appliances against the CVE-2023-4966 ‘Citrix Bleed‘ vulnerability. The company is urging…
Read more

The Department of Health and Human Services’ Office for Civil Rights provided a report to Congress on health information breaches from September 2009 through 2010, as required under the HITECH Act. Nearly 7.9 million Americans were affected by almost 30,800 health information breaches, according to the report. The post Annual Report to Congress on Breaches…
Read more

When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of its 18,000+ customers. But today, Okta revised that impact statement, saying the attackers also stole…
Read more

Tiangong could now outlive the older, larger International Space Station. The post For the first time, we’re seeing views of China’s entire space station appeared first on DanTechServices, Inc.http://dlvr.it/SzTVxc

ICYMI: The Top 5 Reasons to Use an API Management Platform Pierluigi Paganini November 21, 2023 Organizations need to govern and control the API ecosystem, this governance is the role of API management. Uber uses APIs (Application Programming Interfaces) to connect with third-party services such as Google Maps and Twilio, which helps to improve the…
Read more