Cybersecurity
-
Meta Expands Passkey Support to Facebook for Enhanced Security
Meta Platforms is enhancing security for Facebook users by introducing passkey support, a next-generation authentication method designed to be easier and more secure than traditional passwords. This feature will also integrate with Meta Pay for seamless online transactions.
-
Cisco Issues Urgent Patches for Critical Vulnerabilities in Cloud Services
Cisco has issued patches for critical vulnerabilities in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP), warning of potential exploits that could allow unauthorized access and disruption of services in cloud deployments.
-
Schneider Electric Devices Face Critical Vulnerability Risk
CISA has issued a security alert regarding critical vulnerabilities in Schneider Electric’s products, urging immediate action to mitigate risks and promoting best practices for cybersecurity.
-
Hewlett Packard Enterprise Issues Critical Security Warning for StoreOnce Backup Solutions
Hewlett Packard Enterprise has issued a security warning regarding eight vulnerabilities in its StoreOnce backup solutions, including a critical authentication bypass flaw that could allow for exploitation of other vulnerabilities.
-
Cisco IOS XE Flaw Exposes Devices to Security Risks
A recently disclosed vulnerability in Cisco IOS XE software allows unauthorized remote access, potentially exposing devices to significant security risks. Cisco and independent researchers urge immediate actions for mitigation.
-
Security Flaw in Safari Allows Fullscreen Browser-In-The-Middle Attacks
A new vulnerability in Apple’s Safari web browser exposes users to fullscreen browser-in-the-middle attacks, allowing cybercriminals to steal account credentials. SquareX researchers warn that this vulnerability particularly affects Safari, which lacks adequate user alerts when entering fullscreen mode, increasing the risk of such attacks.
-
New Russian Cyberespionage Group Linked to Dutch Police Data Breach
A newly identified Russian cyberespionage group, Laundry Bear, has been connected to a serious data breach of the Dutch police, raising concerns over the security of sensitive information within European Union and NATO contexts.
-
European Union Launches Robust Vulnerability Database as US Faces Cybersecurity Challenges
The European Union has launched the European Vulnerability Database (EUVD), a vital tool for managing security flaws, amid concerns about the future of the US Common Vulnerabilities and Exposures program. The EUVD aims to enhance transparency and provide real-time updates on critical vulnerabilities.
-
UK Launches New Software Security Code of Practice Amid Rising Cyber Threats
The UK has launched a voluntary Software Security Code of Practice aimed at enhancing the cybersecurity of software development amid rising threats. The initiative sets out 14 principles to guide vendors, emphasizing the importance of security throughout the software lifecycle. However, its voluntary nature raises concerns regarding the effectiveness of adherence and universal compliance.
-
Microsoft OneDrive Sync Feature Raises Security Concerns Among IT Professionals
Microsoft’s new OneDrive sync feature, allowing users to sync personal and corporate accounts, faces backlash from cybersecurity professionals who warn of increased risks of data leaks and compliance violations.
