Security

Cisco Snaps Up Kenna Security for Vulnerability ManagementCisco is set to acquire privately held Kenna Security in a deal designed to expand its SecureX platform with vulnerability management capabilities.Santa Clara-based Kenna Security provides risk-based vulnerability management capabilities alongside vulnerability intelligence to help organizations rapidly identify, prioritize and remediate cyber-risks.Cisco claimed the technology is increasingly important…

Former Florida tax official and Matt Gaetz associate Joel Greenberg pleaded guilty to 6 counts on Monday. He appeared before a judge and pleaded guilty to sex-trafficking, wire fraud, identity theft, stalking, and conspiracy. Greenberg also agreed to cooperate fully with the government in any related cases. See more stories on Insider’s business page. The…

This is a Writeup of Tryhackme room “Baron samedit” https://tryhackme.com/room/sudovulnssamedit Room link: https://tryhackme.com/room/sudovulnssameditNote: This room is free In January 2021, Qualys released a blog post detailing a terrifying new vulnerability in the Unix sudo program. Specifically, this was a heap buffer overflow allowing any user to escalate privileges to root — no misconfigurations required. This…

Cybersecurity researchers have uncovered an ongoing malware campaign that heavily relies on AutoHotkey (AHK) scripting language to deliver multiple remote access trojans (RAT) such as Revenge RAT, LimeRAT, AsyncRAT, Houdini, and Vjw0rm on target Windows systems. At least four different versions of the campaign have been spotted starting February 2021, according to researchers from Morphisec…

Defense CMMC board adds new training head, board members By Lauren C. Williams May 16, 2021   The governing body for the Defense Department’s unified cybersecurity standard has a new training lead. Melanie Kyle Gingrich will take over training daily operations for the Cybersecurity Maturity Model Certification Accreditation Body as the vice president…

Threat actors are abusing Microsoft Build Engine (MSBuild) to filelessly deliver remote access trojans and password-stealing malware on targeted Windows systems. The actively ongoing campaign is said to have emerged last month, researchers from cybersecurity firm Anomali said on Thursday, adding the malicious build files came embedded with encoded executables and shellcode that deploy backdoors,…

“Enough with the defamation. Enough with the unfounded allegations,” Richer tweeted on Thursday. “I came to this office to competently, fairly, and lawfully administer the duties of the office. Not to be accused by own party of shredding ballots and deleting files for an election I didn’t run. Enough.” Loading The board, led by Republican…

A Toshiba Corp (6502.T) unit said it was hacked by the DarkSide ransomware group, overshadowing an announcement of a strategic review for the Japanese conglomerate under pressure from activist shareholders to seek out suitors. Toshiba Tec Corp (6588.T), which makes products such as bar code printers and is valued at $2.3 billion, was hacked by…

Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management Conti Ransomware Blamed; No Ransom Paid Tony Morbin (@tonymorbin) • May 14, 2021     Rotunda Hospital Dublin, where the attack was spotted (Photo: Rotunda Hospital) Watch for updates on this developing story. See Also: Live Webinar | Software…