Securing Modern Enterprises in a Borderless Landscape

CISOs offer recommendations to help secure identities, data, code, and cloud infrastructure and protect against evolving threats and vulnerabilities.

https://www.darkreading.com/vulnerabilit...-landscape

Unifor strikes Stellantis after weekend contract talks don't end in a deal

<p>Unifor strikes Stellantis after weekend contract talks don't end in a deal, but Unifor said negotiations will continue through the night. </p>

https://www.autonews.com/manufacturing/u...bring-deal

Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Malware

A new cyber attack campaign has been observed using spurious MSIX Windows app package files for popular software such as Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex to distribute a novel malware loader dubbed GHOSTPULSE.
"MSIX is a Windows app package format that developers can leverage to package, distribute, and install their applications to Windows users," Elastic

https://thehackernews.com/2023/10/hacker...es-to.html

Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes

Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster.
The vulnerabilities are as follows - 

CVE-2022-4886 (CVSS score: 8.8) - Ingress-nginx path sanitization can be bypassed to obtain the credentials of the ingress-nginx controller
CVE-2023-5043 (

https://thehackernews.com/2023/10/urgent...ed-in.html

Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto


The Pwn2Own Toronto 2023 hacking competition has ended with security researchers earning $1,038,500 for 58 zero-day exploits (and multiple bug collisions) targeting consumer products between October 24 and October 27. [...]


https://www.bleepingcomputer.com/news/se...n-toronto/

HackerOne paid ethical hackers over $300 million in bug bounties


HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform's inception. [...]


https://www.bleepingcomputer.com/news/se...-bounties/

Hackers email stolen student data to parents of Nevada school district


The Clark County School District (CCSD) in Nevada is dealing with a potentially massive data breach, as hackers email parents their children's' data that was allegedly stolen during a recent cyberattack. [...]


https://www.bleepingcomputer.com/news/se...-district/

Windows 11 adds support for 11 file archives, including 7-Zip and RAR


Microsoft says Windows 11 22H2 now natively supports almost a dozen additional archive formats, including RAR, 7-Zip, Tar, and GZ archives. [...]


https://www.bleepingcomputer.com/news/mi...p-and-rar/

Pirate IPTV network in Austria dismantled and $1.74 million seized


The Austrian police have arrested 20 people across the country linked to an illegal IPTV network that, between 2016 and 2023, decrypted copyright-protected broadcasts and redistributed them to thousands of customers. [...]


https://www.bleepingcomputer.com/news/se...on-seized/

New Hunters International ransomware possible rebrand of Hive

A new ransomware-as-a-service brand named Hunters International has emerged using code used by the Hive ransomware operation, leading to the valid assumption that the old gang has resumed activity under a different flag. [...]


https://www.bleepingcomputer.com/news/se...d-of-hive/