The 2022 SaaS Security Survey Report, in collaboration with CSA, examines the state of SaaS security as seen in the eyes of CISOs and security professionals in today’s enterprises. The report gathers anonymous responses from 340 CSA members to examine not only the growing risks in SaaS security but also how different organizations are currently working to […]
All posts
[ThreatPost] Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover
Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites. Source: Read More (Threatpost)
[ZDNet] This Russian botnet does far more than DDoS attacks – and on a massive scale
Operators can track social media trends and tailor their propaganda to suit. Source: Read More (Latest topics for ZDNet in Security)
[SecurityWeek] Cloud Data Security Firm Dig Emerges From Stealth With $11 Million in Funding
Israel-based cloud data security company Dig Security on Thursday announced emerging from stealth mode with $11 million in seed funding. Dig’s seed funding round was led by Israeli startup foundry Team8, with participation from CrowdStrike’s Falcon Fund, CyberArk, Merlin Ventures, and several angel investors. read more Source: Read More (SecurityWeek RSS Feed)
[SecurityWeek] US Recovers $15 Million From Ad Fraud Group
United States authorities announced this week that they have retrieved more than $15 million in illicit proceeds derived from the advertising fraud scheme known as “3ve.” read more Source: Read More (SecurityWeek RSS Feed)
[SecurityWeek] Enterprise Data Protection Company Seclore Raises $27 Million
Enterprise data protection company Seclore this week announced that it has received $27 million in Series C growth funding, which brings the total raised by the firm to $46 million. The new investment round was led by Origami Capital Partners and Oquirrh Venture, and will allow Seclore to accelerate the development of its data security […]
[HackerNews] High-Severity Bug Reported in Google’s OAuth Client Library for Java
Google last month addressed a high-severity flaw in its OAuth client library for Java that could be abused by a malicious actor with a compromised token to deploy arbitrary payloads. Tracked as CVE-2021-22573, the vulnerability is rated 8.7 out of 10 for severity and relates to an authentication bypass in the library that stems from an […]
[SecurityWeek] CISA: Hackers Will Quickly Start Exploiting Newly Patched VMware Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned organizations about two actively exploited VMware product vulnerabilities, and the agency believes two other freshly patched flaws will also be exploited soon. read more Source: Read More (SecurityWeek RSS Feed)
[ESET] The flip side of the coin: Why crypto is catnip for criminals
Cybercriminals continue to mine for opportunities in the crypto space – here’s what you should know about coin-mining hacks and crypto theft The post The flip side of the coin: Why crypto is catnip for criminals appeared first on WeLiveSecurity Source: Read More (WeLiveSecurity)
[ZDNet] Patch these vulnerable VMware products or remove them from your network, CISA warns federal agencies
Similar VMware flaws came under attack almost immediately last month, warns US security authority – so act fast. Source: Read More (Latest topics for ZDNet in Security)