“The People's Republic of China’s efforts to steal intellectual property, gain critical infrastructure footholds, and disrupt supply chains pose a significant risk to DoD's ability to defend the nation," CYBERCOM Commander Gen. Haugh said. (Breaking Defense)
|
“China continues its strategic espionage efforts against our industrial base to steal critical intellectual property, demanding that we remain steadfast in our cybersecurity vigilance and strengthen our defenses against such persistent threats.” – Jason Ingalls, Founder at Ingalls Information Security |
A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. (The Hacker News)
Threat actor "Velvet Ant" has been exploiting a vulnerability in Cisco's NX-OS Software for managing a variety of switches, executing commands, and dropping custom malware. (Dark Reading)
An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material (CSAM), indicating how such information could be used to combat serious crimes. (The Hacker News)
Google is committed to enhancing the security of open-source technologies, especially those that make up the foundation for many of our products, like Linux and KVM. To this end, we are excited to announce the launch of kvmCTF, a vulnerability reward program (VRP) for the Kernel-based Virtual Machine (KVM) hypervisor first announced in October 2023, (Google Online Security Blog)
OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. (The Hacker News)