As students, staff, and caregivers prepare for the new school year, so do cybercriminals. Schools often have limited resources, face persistent cyber threats, and are susceptible to physical hazards. These cyber threats can disrupt essential services and potentially compromise safety.
Some CrowdStrike customers have experienced blue screen of death (BSOD) issues on Windows systems overnight due to a defect found in a single content update for Windows hosts. The issue affects customers worldwide and has cascading impacts across sectors and services.
Multiple vulnerabilities have been discovered in MOVEit products, which could allow for authentication bypass. Successful exploitation of these vulnerabilities could allow for an attacker to bypass authentication. An attacker could then view, change, or delete data.
The Cybersecurity and Infrastructure Security Agency, in collaboration with US and international partners, released this Joint Report that urges organizations to move toward more robust security solutions, such as Secure Service Edge and Secure Access Service Edge.
As more Internet of Things (IoT) devices become prominent in our daily lives, concerns about their security shortcomings increase. These devices—such as smart appliances, and internet-connected security cameras—add a layer of convenience to many technologies we use regularly.
Organizations are vulnerable to cyberattacks as users connect to more technologies, systems, and networks. Employees are the first line of defense against cyberattacks, making them prime targets for threat actors attempting to exploit human weaknesses.
Credentials provide a way to authenticate users and control access to online accounts, email systems, network resources, and more. Threat actors attempt to harvest or steal these credentials primarily through phishing and other methods. Read for more info.
The Cybersecurity and Infrastructure Security Agency released Joint Cybersecurity Information that provides best practices to secure the deployment environment, validate and protect the artificial intelligence (AI) system, and secure AI operation and maintenance.
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
An XZ Utils vulnerability allowed the embedding of malicious code in the libraries for XZ Utils versions 5.6.0 and 5.6.1. XZ Utils is data compression software that is present in several Linux distributions. The resulting build interferes with authentication in sshd via systemd.
