StrelaStealer malware steals login credentials in Europe and U.S.
A new StrelaStealer malware campaign has affected more than 100 companies and organizations in the U.S. and Europe. Hackers are now also using ZIP files to spread the malware payload, Palo Alto Networks Unit42 concludes.
The StrelaStealer malware spread particularly quickly in November 2023, as ... Read more
Fortinet warns vulnerability in FortiClientEMS is exploited in the wild
Fortinet is warning users of the Fortinet FortiClient Enterprise Management Server (EMS) about the active misuse of a critical vulnerability in the product. The vulnerability allows hackers to run code through the system without having physical access to the device.
The vulnerability was reporte... Read more
Personal data exposed at Air Europa
The data leak involved the airline's passengers' identity card and passport information.
The company announced this in an email to customers. Names, birthdays, nationalities, and phone numbers were also exposed. The airline, which works with AirFrance and KLM through the SkyTeam alliance, stress... Read more
Dutch researcher discovers Fujitsu blunder: AWS keys and logins in public bucket
Fujitsu failed to keep customers' sensitive information secure. AWS keys and passwords were publicly published on the Internet for a year. Dutch water utility PWN is one of the victims.
Security researcher Jelle Ursem, who works for the Dutch Institute for Vulnerability Disclosure (DIVD), disco... Read more
Windows and Exchange Servers crash after March 2024 update
The latest Windows and Exchange Server update is causing domain controllers to crash. The problems occur on Windows Server 2016, Windows Server 2022, Exchange Server 2019 and Exchange Server 2016.
Several Windows administrators say they are experiencing outages on updated domain controllers. Th... Read more
Care retailer of Belgian health insurance provider victim of data breach
Goed, a healthcare retailer and part of the CM, fell victim to a cyber attack. Data was stolen during the attack. In several stores and pharmacies from Goed, it is currently not possible to pay with Bancontact.
Hackers broke into Goed's systems during the night from Monday to Tuesday. During th... Read more
Almost 19 million passwords exposed due to Firebase misconfigurations
Cybersecurity researchers recently discovered a startling security lapse involving nearly 19 million plaintext passwords exposed on the internet. Misconfigured instances of Firebase, a Google platform for hosting databases and app development, proved to be the cause.
The three researchers conduc... Read more
Cato Networks prepares for IPO in 2025
Cato Networks plans to go public no later than 2025. Plans are said to be currently being prepared in collaboration with three banks.
Cato Networks is looking at options for an IPO with banks Goldman Sachs, JPMorgan Chase and Barclays. The company wants to complete these plans in 2025, or earli... Read more
Venafi Firefly supports SPIFFE: efficient management of workload identities
Venafi Firefly is getting support for SPIFFE (Secure Production Identity Framework For Everyone). This way, the company is trying to adapt the tool for workload identities to businesses' needs.
According to Venafi, modern applications need automation to scale and secure heterogeneous workloads.... Read more
Aviatrix releases Distributed Cloud Firewall for Kubernetes
According to Aviatrix, there's a significant a security gap between virtual machines (VMs) and Kubernetes. For that reason, the company now offers a purpose-built firewall that supports both types of workloads.
Distributed Cloud Firewall for Kubernetes, announced at KubeCon/CloudNativeCon 2024, ... Read more