A significant security vulnerability has been identified in SailPoint’s IdentityIQ IAM software, tagged as CVE-2024-10905. This flaw, which has been assigned a maximum CVSS severity score of 10.0, allows unauthorized access to sensitive content within the application directory by exploiting improper handling of virtual resource file names (CWE-66). The affected versions include IdentityIQ 8.4 and its earlier patch levels prior
In an era where cybersecurity threats are becoming increasingly sophisticated, the security of your infrastructure is paramount. Recently, Veeam, a well-known provider of backup and disaster recovery solutions, has released urgent security updates addressing critical vulnerabilities in its Service Provider Console (VSPC). These flaws, if left unpatched, pose a severe risk to the integrity of affected systems. Tracked as CVE-2024-42448,
Today marks a transformative milestone in the payments industry as IXOPAY announces its merger with Aperia Compliance, a global leader in PCI validation and risk management. This strategic alliance combines the strengths of two industry frontrunners to deliver secure, compliant, and scalable payment solutions. By merging their capabilities, they aim to address the pressing needs of businesses navigating intensifying cyber
In recent years, the manufacturing sector has become an attractive target for cybercriminals, leading to substantial operational disruptions and significant financial losses. Ransomware attacks have severely disrupted operations, affecting 858 manufacturers worldwide and resulting in approximately $17 billion in downtime since 2018. The growing frequency and sophistication of these attacks highlight the urgent need for manufacturers to implement robust cybersecurity
The UK’s National Cyber Security Centre (NCSC) has raised alarms over the escalating frequency and severity of cyber-attacks targeting British organizations and the public. In its latest Annual Review, published on December 3, the NCSC highlighted the increasing risks posed by cyber threats and underscored the urgent need for enhanced cyber defenses and collaboration across all sectors. The report revealed
MicroStrategy’s recent monumental acquisition of Bitcoin underscores the company’s unwavering commitment to the cryptocurrency, reflecting a strategic and long-term vision. Leading the charge is Michael Saylor, with the company purchasing 15,400 BTC for a staggering $1.5 billion. This acquisition brings their total holdings to 402,100 BTC, valued at approximately $38 billion. The funding for this purchase was secured by selling
MARA Holdings Inc., also known as Marathon Digital, one of the leading Bitcoin mining companies, is gearing up to make a significant financial move by planning a $700 million private offering of 0% convertible senior notes due in 2031. This move closely mirrors the strategy adopted by MicroStrategy, another major player in the digital assets market. The offering is designed
In an era where technology increasingly intertwines with everyday life, the potential cybersecurity threat posed by over-reliance on Chinese-made LIDAR technology, as reported by the Foundation for Defense of Democracies (FDD), raises significant security concerns. The FDD paper underscores that US critical national infrastructure (CNI) sectors, including public safety, transportation, and utilities, are notably vulnerable to the integration of Chinese
Waterfall Network is making waves in the blockchain world with its innovative approach to scalability. Leveraging directed acyclic graph (DAG) technology, Waterfall has achieved nearly 13,000 transactions per second (TPS) on its mainnet, addressing one of the most significant challenges in blockchain technology. This breakthrough positions Waterfall as a potential game-changer in the quest for scalable, secure, and decentralized blockchain
With the continuous evolution of the digital asset market, meme coins have emerged as a unique and intriguing segment. DWF Labs, a prominent Web3 investor and market maker, has recognized the potential of these innovative assets, launching a substantial $20 million Meme Fund to support various meme coin projects across a multitude of blockchain ecosystems. This fund aims to bring
ElizaRAT, a sophisticated Remote Access Trojan (RAT) for Windows developed by the APT36 group, also referred to as Transparent Tribe, is making waves in the cybersecurity community. This notorious Pakistani threat actor group, known for targeting Indian government agencies, diplomatic personnel, and military installations, has now expanded its reach to major platforms including Windows, Linux, and Android systems. Advanced Capabilities
The proliferation and advanced techniques of the ‘Rockstar 2FA’ phishing toolkit signify a worrisome uptick in Adversary-in-The-Middle (AiTM) phishing attacks targeting Microsoft 365 (O365) credentials. This campaign, underpinned by sophisticated methods, lures victims to counterfeit Microsoft login pages to harvest user credentials. Since August 2024, there has been a notable rise in these phishing activities focusing primarily on Microsoft user
