-
Microsoft’s July Update Patches 143 Flaws, Including Two Actively Exploited
Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition…
-
True Protection or False Promise? The Ultimate ITDR Shortlisting Guide
It’s the age of identity security. The explosion of driven ransomware attacks has made CISOs and security teams realize that identity protection lags 20 years behind their endpoints and networks. This realization is mainly due to the transformation of lateral movement from fine art, found in APT and top cybercrime groups only, to a commodity…
-
Google Adds Passkeys to Advanced Protection Program for High-Risk Users
Google on Wednesday announced that it’s making available passkeys for high-risk users to enroll in its Advanced Protection Program (APP). “Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account,” Shuvo Chatterjee, product lead of APP, said. Passkeys are considered a more secure and phishing-resistant…
-
Opinion: An ESG approach to modernizing, improving and securing Oregon’s power grid
Clinton McGarvin writes that
-
Dutch Bros signs a massive office lease in Phoenix
The Oregon based company claims its headquarters remains in Grants Pass. However, the Tempe move marks the Phoenix area’s largest office lease of the year.
-
82nd Avenue transit plan gets $39M infusion after Pete Buttigieg visit
The U.S. Department of Transportation is sending $39 million to TriMet to buy electric buses that will roll onto Portland’s 82nd Avenue transit corridor.
-
These Portland Safeways would be sold in Kroger-Albertsons merger
Kroger’s divestiture list includes nearly 200 stores in Oregon and Washington.
-
CytoDyn settles lawsuit against former business partner for $12M
The $14 million Amarex had claimed against CytoDyn will be eliminated under the terms of the settlement.
-
RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances. “The RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks,” InkBridge
-
Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks
Cybersecurity researchers have found that it’s possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal activities such as cryptocurrency mining. “Misconfigurations such as improperly set up authentication mechanisms expose the ‘/script’ endpoint to attackers,” Trend Micro’s Shubham Singh and Sunil Bharti said in a technical write-up