SEARCH
Lace Tempest Seen Exploiting SysAid Zero Day
A path traversal zero day (CVE-2023-47246) in the SysAid on-premises product is under active attack by the ace Tempest threat group.
CISOs, Developers and the Software Supply Chain Security Disconnect
A new report revealed discrepancies in how CISOs and developers view their roles and responsibilities around software supply chain security.
Decipher Podcast: Kymberlee Price
Kymberlee Price, co-founder of Zatik, joins Dennis Fisher to talk about her experience running security response programs at Microsoft, BlackBerry, and other companies, and how the changing security landscape helped lead her to start her own company.
New Gootloader Malware Variant Harder to Detect, Block
Researchers with IBM X-Force recently observed the new Gootloader variant being used for lateral movement, marking a significant change in the malware’s post-infection tactics.
Exploit Attempts, Ransomware Target Critical Confluence Flaw
Attackers are targeting the critical Atlassian Confluence flaw (CVE-2023-22518) with active exploit attempts, including some trying to deploy ransomware.