F1TYM1

To get a roundup of TechCrunch’s biggest and most important stories delivered to your inbox every day at 3 p.m. PDT, subscribe here.

Apache Software has released the fix for zero-day vulnerability in the Apache HTTP server affecting version 2.4.49 on 4^th October 2021. The vulnerability was discovered by cPanel Security and is being actively exploited in the wild.

On October 12, after interviewing US Secretary of Homeland Security Alejandro Mayorkas, USA TODAY’s editorial board warned its readers about a dangerous new form of cyberattack under this eye-catching headline:

In a wide-ranging interview at the WSJ Tech Live conference that touched on topics like the future of remote work, A.I. innovation, employee activism, and even misinformation on YouTube, Alphabet CEO Sundar Pichai also shared his thoughts on the state of tech innovation in the U.S. and the need for new regulations. Specifically, Pichai argued for the creation of a federal privacy standard in the U.S., similar to the GDPR in Europe. He also suggested it was important for the U.S. to stay ahead in areas like A.I., quantum computing, and cybersecurity, particularly as China’s tech ecosystem further separates itself from Western markets.

Multiple vulnerabilities have been found in the popular WordPress plugin WP Fastest Cache during an internal audit by the Jetpack Scan team.

Often, employees of security operation centers and information security departments turn to Kaspersky specialists for expert help. We analyzed the most common reasons for such requests and created a specialized service that helps customers to ask a question directly to an expert in the area they need.

Last week on Malwarebytes Labs

Other cybersecurity news

The Colombian government has begun sterilizing dozens of hippos originally introduced to Colombia by notorious cartel kingpin Pablo Escobar. 

Applications for the CAD software extend far beyond medicine and throughout the burgeoning field of synthetic biology, which involves redesigning organisms to give them new abilities. For example, we envision users designing solutions for biomanufacturing; it’s possible that society could reduce its reliance on petroleum thanks to microorganisms that produce valuable chemicals and materials. And to aid the fight against climate change, users could design microorganisms that ingest and lock up carbon, thus reducing atmospheric carbon dioxide (the main driver of global warming).

“Left of Boom”

The allied military forces engaged in operations in Iraq and Afghanistan nearly 20 years ago were confronted with the challenge of Improvised Explosive Devices (IEDs), which were roadside bombs that detonated remotely and inflicted casualties and damage to military personnel and materiel. Major research efforts on how to detect these IEDs and detonate them harmlessly, or to infiltrate and disrupt bomb manufacturing, were referred by the idiom “Left of Boom.” “Left” is the program management concept for the early side of the programmatic timeline, as in “Move this project to the left.” Of course, “Boom” is self-explanatory.

ViacomCBS CEO Bob Bakish this morning downplayed his company’s interest in a potential merger — like one with its partner Comcast. At the WSJ Tech Live conference today, the media company exec said the company’s current strategy was to focus on its “organic plan” in streaming, which would be the best path forward to create shareholder value. He also claimed it was still “early days” for its new service Paramount+, essentially downplaying the ideas that a merger would be necessary for the service to succeed.

You may often see .exe files but you may not know what they are. Is it the same as an executable file? The short answer is no. So what’s the difference?

Interest in zero trust is surging, according to IDG’s 2020 Security Priorities Study, with 40% of survey respondents saying they are actively researching zero trust technologies, up from only 11% in 2019, and 18% of organizations indicating they already have zero trust solutions, more than double the 8% in 2018. Another 23% of respondents plan to deploy zero trust in the next 12 months.

Are you currently studying information security? Or are you considering transitioning to a career in cybersecurity? According to the US Bureau of Labor Statistics, cybersecurity jobs will grow 31 percent from 2019 to 2029—more than six times the national average job growth.¹ Cybersecurity skills are clearly in high demand. But more than that, cybersecurity is a rewarding career attracting many bright, passionate practitioners and leaders who are invested in making the world a better, more secure place.

Hacking. Disinformation. Surveillance. CYBER is Motherboard’s podcast and reporting on the dark underbelly of the internet.

So far, 2021 has proved to be somewhat of a security annus horribilis for tech giant Microsoft, with numerous vulnerabilities impacting several of its leading services, including Active Directory, Exchange, and Azure. Microsoft is no stranger to being targeted by attackers seeking to exploit known and zero-day vulnerabilities, but the rate and scale of the incidents it has faced since early March has put the tech giant on its back foot for at least a moment or two.

This post was written by the following Avast researchers:

With a heightened focus on keeping businesses safe from cyberattacks, particularly due to high-profile ransomware and third-party vendor supply chain attacks making the daily news cycle, organizations are looking to their CISO or cybersecurity leaders to inform their board of directors on their security posture. Boards want to know if the organization can withstand a cyberattack, what plans are in place to mitigate an attack should one occur, and to assess the organization’s cybersecurity maturity level.  

With new technological advancements comes a need for heightened security measures. Plenty of criminals are searching for vulnerabilities in networks, so it shouldn’t come as a surprise that cybersecurity issues have become more prevalent.

Increasingly sophisticated cyberattacks against federal agencies highlight the urgent need to enhance federal cybersecurity. To help with this, CISA has published the Zero Trust Maturity Model to assist agencies in implementing zero trust architecture (ZTA) – and modern AppSec solutions are a crucial part of that effort.