Application securityApache Avro SDK Flaw Could Enable Java Apps RCECRA News ServiceOctober 8, 2024An Apache Avro flaw could lead to remote code execution via Java apps, researchers said.
Critical Infrastructure SecurityICIT Launches IT, Cybersecurity Risk Task ForceCRA News ServiceOctober 8, 2024The ICIT has assembled a task force to examine the risks and benefits of IT consolidation.
Risk Identification/Classification/MitigationOkta Classic Could be Vulnerable to Sign-On Bypass FlawCRA News ServiceOctober 8, 2024A recently addressed Okta flaw could leave the authentication solution vulnerable.
Attack surface managementCyber-Physical System Attacks Increasingly CostlyCRA News ServiceOctober 7, 2024Attacks against cyber-physical systems are growing ever more costly, according to Claroty.
RansomwareNeuberger Seeks to Remove Insurance Coverage for Ransomware PaymentsCRA News ServiceOctober 7, 2024Deputy National Security Adviser for Cyber and Emerging Technologies Anne Neuberger urged insurance firms to cease policies that pay ransoms.
Endpoint/Device SecurityXSS Attacks Possible With LiteSpeed Cache Plugin VulnerabilityCRA News ServiceOctober 7, 2024WordPress sites with LiteSpeed Cache plugin instances impacted by the high-severity stored XSS flaw could be compromised.
RansomwareCyberattack Disrupts Michigan’s Largest CountyCRA News ServiceOctober 4, 2024Michigan's Wayne County had many of its government offices disrupted and sites taken down following a cyberattack.
Managed Security ServicesLinux Systems Vulnerable to perfctl MalwareCRA News ServiceOctober 4, 2024Many Linux systems are vulnerable to the perfctl malware, researchers say.
MalwareCosmicSting Attacks Hit Adobe Commerce, Magento StoresCRA News ServiceOctober 4, 2024More than 4,200 Adobe Commerce and Magento online stores have been hit by CosmicSting.
Firewalls, RoutersDrayTek Issues Updates to Plug Router VulnsCRA News ServiceOctober 3, 2024DrayTek issued fixes for 14 router vulnerabilities.