News

Today, Cato Networks has been named the Leader in the Single-Vendor SASE Quadrant Analysis published in TechTarget. "We're honoured to be identified as the Leader in single-vendor SASE market," says Shlomo Kramer, CEO and co-founder of Cato Networks. "Cato introduced the first worldwide SASE platform in 2016, four years before Gartner defined the term. Since then, we've continued to enhance and extend Cato SASE Cloud as recognized by this award." Why Single-Vendor SASE? While SASE brings...

Software security company Synopsys have discovered a new remote code execution vulnerability (RCE) in the Pluck CMS system. Pluck is a content management system (CMS) implemented in PHP designed for setting up and managing your own website. Devised with ease of use and simplicity in mind, Pluck is best suited for running a small website. Pluck CMS features an “albums” module. Albums are used to create collections of images that can be inserted into web...

New research released by Specops Software outlines the most common Fortune 500 company names that show up in compromised password data. The Specops research team analysed an 800 million password subset of the larger Breached Password Protection database to obtain these results. Among the top ten, popular household names like Coca-Cola (16,710 appearances), Starbucks (3,800 appearances) and McDonald’s (2,270 times) appear. The most common Fortune 500 company to have been found among passwords in the subset...

Apparently, the team at Ferrari may not have been up to speed with the latest ways to ensure your security is top priority. It was announced on Monday via a statement uploaded to their website that Ferrari was “recently contacted by a threat actor with a ransom demand related to certain client contact details”. Ferrari then went on to say that it “will not be held to ransom” and that the best course of action...

Salt Security, the API security company, is working with Guild Education, the leader in opportunity creation for America’s workforce, to implement the Salt Security API Protection Platform to secure its growing application programming interface (API) ecosystem. Guild relies on APIs for the exchange of private and sensitive student, employer, and school data across its Career Opportunity Platform. With the Salt platform, Guild gains automatic and continuous API visibility, insights into potential data exposure, and API...

ESET researchers have analysed a cyberespionage campaign run by the Transparent Tribe APT group distributing CapraRAT backdoors through trojanised and supposedly “secure” Android messaging apps that exfiltrate sensitive information of mostly Indian and Pakistani Android users — presumably with a military or political orientation. The victims were probably targeted through a honey-trap romance scam, in which they were initially contacted on another platform and then convinced to use supposedly “more secure” apps, which they were...

High street stationery and book retailer WH Smith disclosed it has been the target of a cyberattack affecting employee and personnel data. It stresses that customer accounts and databases were not affected by the attack as they are stored on separate systems.   On Thursday, the company said it “immediately launched an investigation, engaged specialist support services and implemented our incident response plans, which included notifying the relevant authorities” in a public statement after this...

Salt Security, the API security company, has released new threat research from Salt Labs highlighting several critical security flaws in Booking.com. The now remediated flaws were found in the implementation of the Open Authorization (OAuth) social-login functionality utilised by Booking.com, which had the potential to affect any users logging into the site through their Facebook accounts.   The OAuth misconfigurations could have allowed for both large-scale account takeover (ATO) on customers’ accounts and server compromise,...

CyberSmart has announced the completion of its Series B funding round, raising an additional £12.75 million following its initial Series A investment of over £8 million.  Oxx led the oversubscribed round, with participation from British Patient Capital, Legal & General Capital and Solano Partners, alongside IQ Capital, which backed the company since its seed stage, and other returning investors: Eos Venture Partners, Winton Ventures and Seedcamp. This financial backing will facilitate CyberSmart’s accelerated product development, strengthen channel partnerships, as well as propel the...

Romance Fraud has increased throughout the government implemented coronavirus lockdown. Compared to 2019, the year 2020 saw a 20% increase in money being transferred as a result of romance scams. Scammers were targeting people on dating apps, pretending to want a relationship before asking for money. The UK's Action Fraud reported that £68 million was lost throughout the entire year. People have been warned to be vigilant, especially now with Valentine's Day just around the...