Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Fortinet Firewall Authentication Bypass Vulnerability (CVE-2024-55591)

According to a recent update from Fortinet, exploitation of CVE-2024-55591, a recently disclosed authentication bypass vulnerability in FortiOS and FortiProxy, allows remote attackers to achieve super-admin privileges. By sending specially crafted requests to the Node.js WebSocket module, attackers can exploit this zero-day vulnerability to gain unauthorized access.

Cloudflare meets new Global Cross-Border Privacy (CBPR) standards

Cloudflare proudly leads the way with our approach to data privacy and the protection of personal information, and we’ve been an ardent supporter of the need for the free flow of data across jurisdictional borders. So today, on Data Privacy Day (also known internationally as Data Protection Day), we’re happy to announce that we’re adding our fourth and fifth privacy validations, and this time, they are global firsts!

DataTrails Passes SOC 2 Assessment - A Milestone in Media Authenticity and Digital Trust

DataTrails is excited to announce that it has achieved SOC 2 compliance, demonstrating our commitment to the highest standards of data security and privacy. This achievement underscores our dedication to providing robust solutions for media authenticity and digital trust, ensuring that our customers can rely on us to protect their data and uphold the integrity of their digital assets.

Cato CTRL Threat Research: Unmasking Hellcat - Not Your Average Ransomware Gang

There’s a new ransomware gang targeting critical infrastructure, government organizations, educational institutions, and energy sectors. Their name? Hellcat. But who exactly are they? Hellcat is a new ransomware gang that has surfaced across dark web forums in 2024. Hellcat employs a ransomware-as-a-service (RaaS) model, offering ransomware tools and infrastructure to affiliates in exchange for a share of the profits.

AI-Powered Attacks Surge: 1,025% Jump in Vulnerabilities, 99% are API related

Wallarm's 2025 API ThreatStats Report offers a sweeping look at how AI deployments drive a surge in security risks. In 2024, Wallarm researchers discovered 439 AI-related CVEs, up an astonishing 1,025% from the prior year. Nearly all these flaws, 99%, point back to insecure or mismanaged APIs.

How Apple is Battling Phishing Scams and Protecting Your Personal Data

The digital world now faces a serious challenge from phishing, in which fraudsters use fake emails, websites or links to obtain confidential data, which can result in great losses if not handled well. Apple, however, has taken several steps to protect users from these attacks.

Common Mistakes Companies Make When Implementing GDPR Policies

The General Data Protection Regulation (GDPR) has set a high standard for data protection and privacy in the European Union, impacting businesses worldwide. While most companies recognize the importance of compliance, many make critical mistakes during implementation, leaving them vulnerable to fines and reputational damage. Here are some of the most common pitfalls and how to avoid them.

Nearly Three-Quarters of UK Education Orgs Have Sustained Cyberattacks

73% of educational institutions in the UK have sustained at least one cyberattack or breach in the past five years, according to researchers at ESET. Additionally, a fifth of these organizations said they’ve experienced three or more cyberattacks. 43% of the organizations surveyed cited phishing attacks as their top concern.

The New Cato Trust Center: An Essential Step for Today's Interconnected Enterprise

Transparency in security practices is essential for building trust in today’s interconnected digital world. Organizations that openly share certifications, audit reports, and policies demonstrate a commitment to safeguarding data and adhering to standards. This openness fosters stronger partnerships and sets a benchmark for accountability.