Ivanti Release Warning on Newly Patched Cloud Appliance Vulnerability
IT management solutions provider Ivanti confirmed that a high-severity flaw patched this week in an older version of its Cloud Service Appliance (CSA) has been exploited in attacks. The vulnerability was fixed as part of the company’s September security update, which also included patches for critical and high-severity flaws in other products. Ivanti has revealed…
Country’s Progress Impossible Without Cybersecurity: Amit Shah
The country’s progress is not possible without ensuring cybersecurity, Union Home Minister Amit Shah said on Tuesday, terming cybersecurity an integral part of national security. He also said that cybercrime has no boundary, and hence it is imperative that all stakeholders come together to deal with the menace. “Cybersecurity is an integral part of national…
Cybersecurity Talent Shortage: A Big Challenge for Banks – SBI Chief
SBI Chairman CS Setty highlights the limited supply of cybersecurity professionals as a major concern for the banking industry. He emphasizes the need for robust cybersecurity investments and talent development. SBI Chairman CS Setty on Thursday flagged the limited supply of cybersecurity professionals as a “big challenge” for the future. Speaking at the annual Fibac…
Gene Yoo, CEO of Resecurity on Terror Activity via Cyberspace – Precursor to Olympics & Elections
According to this recent assessment by Resecurity, terrorist groups are increasingly using cyberspace to plan and execute attacks, as well as to conduct recruitment and establish anonymous communication channels. According to assessment by Resecurity, terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks, as well as to conduct recruitment and establish anonymous…
VMware Patches High-Severity Code Execution Flaw in Fusion
VMware on Tuesday pushed out a security update for its Fusion hypervisor to address a high-severity vulnerability that exposes uses to code execution exploits. The root cause of the issue, tracked as CVE-2024-38811 (CVSS 8.8/10), is an insecure environment variable, VMware notes in an advisory. “VMware Fusion contains a code execution vulnerability due to the usage of an…
Prasarana confirms cybersecurity breach, public transport operations unaffected
After a social media post went viral claiming that public transportation body Prasarana was facing a ransomware attack, the firm confirmed that it was facing a cybersecurity issue. In the statement posted on RapidKL’s social media, Prasarana said that it “confirms social media reports regarding a cybersecurity incident involving part of their internal systems.” Without…
Microsoft to convene Cybersecurity summit following CrowdStrike-induced disruption
Microsoft to convene cybersecurity summit following CrowdStrike-induced disruption Microsoft will convene a summit for the improvement of cybersecurity systems in September, it said on Friday, after last month’s CrowdStrike faulty update propelled a global IT outage. The summit is the first of many giant steps the company shall take to forestall issues that affected nearly…
Global Checkmarx study reveals 63% of participating organisations have fallen victim to a software supply chain attack in past 2 years
As open source software grows to represent an ever-increasing percentage of enterprise application code, application security (AppSec) leaders and developers are challenged to mitigate the risk of falling victim to the weaponization of such packages by threat actors. Reporting on current open source AppSec practices and problems, Checkmarx, the industry leader in cloud-native application security for…
Sebi Comes out with new Cyber Security Framework for Regulated Entities
Markets watchdog Sebi on Tuesday issued a new cyber security framework wherein all regulated entities are required to have appropriate security monitoring mechanisms, and the fresh norms will be implemented in a graded manner starting from January 2025. Besides, a Cyber Capability Index (CCI) for market infrastructure institutions and qualified regulated entities will be introduced…
Microsoft macOS Apps Vulnerability Allows Hackers to Record Audio/Video
Cisco Talos has identified eight security vulnerabilities in Microsoft applications running on the macOS operating system, raising concerns about potential exploitation by adversaries. These vulnerabilities, if exploited, could allow attackers to hijack the permissions and entitlements of Microsoft applications, leading to unauthorized access to sensitive resources such as microphones, cameras, and user data. The vulnerabilities…