The Latest Cybersecurity News

Keep up with breaking news in the cybersecurity industry.
From major cyberattacks or incidents to critical vulnerabilities, read it here first:

Palo Alto Warns of Zero-Day Bug in Firewalls Using GlobalProtect Portal VPN

A new zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that could be abused by an unauthenticated network-based attacker to execute arbitrary code on affected devices with root user privileges.

Read The Article

Critical Citrix DDoS Bug Shuts Down Network, Cloud App Access

A critical security bug in the Citrix Application Delivery Controller and Citrix Gateway could allow cyberattackers to crash entire corporate networks without needing to authenticate.

Read The Article

Microsoft patches actively exploited Exchange, Excel zero-days (CVE-2021-42321, CVE-2021-42292)

It’s a light November 2021 Patch Tuesday from Microsoft: 55 fixed CVEs, of which two are zero-days under active exploitation: CVE-2021-42321, a Microsoft Exchange RCE, and CVE-2021-42292, a Microsoft Excel security feature bypass bug.

Read The Article

Robinhood discloses data breach impacting 7 million customers

Stock trading platform Robinhood has disclosed a data breach after their systems were hacked and a threat actor gained access to the personal information of approximately 7 million customers.

Read The Article

U.S. Federal Agencies Ordered to Patch Hundreds of Actively Exploited Flaws

The U.S. Cybersecurity and Infrastructure Security Agency has published a catalog of vulnerabilities, including from Apple, Cisco, Microsoft, and Google, that have known exploits and are being actively exploited by malicious cyber actors.

Read The Article

Microsoft announces new endpoint security solution for SMBs

Microsoft today announced a new endpoint security solution dubbed Microsoft Defender for Business, specially built for small and medium-sized businesses.

Read The Article

Alert! Hackers Exploiting GitLab Unauthenticated RCE Flaw in the Wild

A now-patched critical remote code execution vulnerability in GitLab’s web interface has been detected as actively exploited in the wild, cybersecurity researchers warn, rendering a large number of internet-facing GitLab instances susceptible to attacks.

Read The Article

Microsoft Defender for Windows is getting a massive overhaul

Microsoft Defender for Windows is getting a massive overhaul allowing home network admins to deploy Android, iOS, and Mac clients to monitor antivirus, phishing, compromised passwords, and identity theft alerts from a single security dashboard.

Read The Article

10 ways ransomware attackers pressure you to pay the ransom

Attackers will vow to publicly release the stolen data, try to delete any backups and even deploy DDoS attacks to convince victims to give in to the ransom demands, says Sophos.

Read The Article

Microsoft: Windows web content filtering now generally available

Microsoft has announced that web content filtering has reached general availability and is now available for all Windows enterprise customers.

Read The Article

EU investigating leak of private key used to forge Covid passes

The private key used to sign EU Digital Covid certificates has been reportedly leaked and is being circulated on messaging apps and online data breach marketplaces.

Read The Article

AWS makes free cybersecurity awareness training available online

As you may or may not know given the frequency of data breaches during the pandemic era, but October is cybersecurity awareness month.

Read The Article

Need Help With Your Cybersecurity?