Announcing the latest evolution of our Security Operations portfolio
New innovations in identity protection, expanded security services, and advancements in AI, and threat detection and response to strengthen cybersecurity outcomes
Similar Posts
Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes
Bys sCybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk. The original vulnerability CVE-2024-0132 (CVSS score: 9.0) is a Time-of-Check Time-of-Use (TOCTOU) vulnerability that could lead to a container escape attack and allow for
ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion
Bys sCybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing over access to double extortion ransomware gangs like CACTUS. The IAB has been assessed with medium confidence to be a financially motivated threat actor, scanning for vulnerable systems and deploying a custom malware called LAGTOY (aka…
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
Bys sBeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution. “BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability,” the company
Teen on Musk’s DOGE Team Graduated from ‘The Com’
Bys sThe insider threat on steroids? Brian Krebs reports: Wired reported this week that a 19-year-old working for Elon Musk‘s so-called Department of Government Efficiency (DOGE) was given access to sensitive US government systems even though his past association with cybercrime communities should have precluded him from gaining the necessary security clearances to do so. As today’s story explores, the…
CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation
Bys sThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2025-59374 (CVSS score: 9.3), has been described as an “embedded malicious code vulnerability” introduced by means of a supply chain compromise
45 CHS hospitals were affected by the Oracle Health outage
Bys sThis is reportedly all resolved by now, but on April 25, Becker’s Hospital Review reported that dozens of hospitals affiliated with Franklin, Tenn.-based Community Health Systems were experiencing IT outages after data storage linked to their Oracle Health EHRs was accidentally deleted: The hospitals have reverted to paper for patient records, with the issue expected…