On May 18 VMware patched two vulnerabilities in its products: CVE-2022-22972 and CVE-2022-22973. To emphasize the severity of the problem, on the same day the US Department of Homeland Security issued a directive obliging all Federal Civilian Executive Branch (FCEB) agencies to close these vulnerabilities in their infrastructure within five days: by installing patches, and if this is not possible, by removing the affected VMware products from the agency network. It clearly makes sense to follow the example of the US government agencies and install the patches immediately.

What are the vulnerabilities?

The vulnerabilities affect five of the company's products: VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation and vRealize Suite Lifecycle Manager. The first vulnerability, CVE-2022-22972, with a CVSS severity rating of 9.8, is especially dangerous. It is an authentication bypass: an attacker with network access to the product can gain administrator rights in the system without any authentication. The second vulnerability, CVE-2022-22973, is a local privilege escalation. To exploit it, attackers must already have some rights on the attacked system, which is why its severity level is somewhat lower, 7.8 on the CVSS scale. This bug should also be taken seriously, as it allows attackers to elevate their privileges on the system to root. More information can be found in VMware's official FAQ on this issue.

Real severity of vulnerabilities CVE-2022-22973 and CVE-2022-22972

Neither VMware nor CISA experts are yet aware of exploitation of these vulnerabilities in the wild. However, there is a good reason behind CISA's emergency directive: in early April VMware had already closed several vulnerabilities in the same products, and just 48 hours later attackers began to exploit those bugs. In other words, on that occasion it took attackers less than two days to create working exploits, and there is an obvious concern that the same could happen this time. Moreover, CISA experts believe the two new vulnerabilities could be used in conjunction with the April set (specifically CVE-2022-22954 and CVE-2022-22960) to perform sophisticated targeted attacks. For this reason they have required all federal agencies to close the vulnerabilities by 5:00 PM EDT on May 23, 2022.

How to avoid exploitation of vulnerabilities in VMware products

VMware recommends first updating all vulnerable software to supported versions, and only then installing the patches. You can check the current versions on the VMware Product Lifecycle Matrix page. Before installation, it is advised to create backups or take snapshots of the products that need an update. Patches and installation tips can be found in the VMware Knowledge Base. On top of that, you shouldn't forget that all information systems with access to the Internet must have reliable security solutions installed; in the case of virtual environments, protection designed for virtualized infrastructure should be used. As an additional layer of protection, it also makes sense to use EDR solutions that allow you to monitor activity within the infrastructure and identify signs of malicious presence before attackers have time to do real damage.
Webroot Console 6.5 is here

To help get us closer to retiring the Endpoint Protection Console, we've introduced three new features with Webroot Console 6.5.

Friendly name support

To improve overall usability within the existing Endpoint Console, we have introduced a naming feature that allows users to assign a device a 'Friendly Name' that replaces the original hostname associated with the device. All devices renamed within the Endpoint Console will have this name reflected in the Management Console, allowing users to manage devices without having to navigate down to the Endpoint Console.

Persistent states

To further improve the user experience, the Sites and Entities pages have been improved with the introduction of persistent states, which allows filters and searches to persist across a user's session. Admins can navigate away from a page and return to the view they were previously working with. This functionality will be introduced across other areas of the console in future releases.

Site Only Admin view

This release brings a new look and feel for Site Only Admins to align with the rest of the Webroot Management Console. This view is the beginning of the uplift for Site Only Admins; admins will still have access to the Endpoint Protection Console during the uplift process in upcoming releases.

The release of Webroot's latest console provides users with a simplified and centralized management system, an intuitive user experience and enhanced visibility. Visit our portal to get the latest Webroot updates in real time, browse the status of product updates and enable delivery notifications.

The post Improved functionality and new features to help enhance the user experience appeared first on Webroot Blog.
The cybersecurity advisory states that threat actors abuse insecure or misconfigured settings and weak controls, among other poor cyber hygiene practices, to gain initial access to target systems.
According to a state audit report, the personal information of nearly two million Texans was exposed for nearly three years due to a programming issue at the Texas Department of Insurance (TDI).
As of May 17, Omnicell has not posted official notice of the breach on its website. However, more information about the Omnicell breach is expected to be made available as the investigation continues.
Of the 86 APTs that researchers investigated, only eight (Stealth Falcon, APT17, Equation, Dragonfly, Elderwood, FIN8, DarkHydrus and Rancor) exploited vulnerabilities that no other group did, researchers found.
The new Series C investment round was led by Origami Capital Partners and Oquirrh Venture, and will allow Seclore to accelerate the development of its data security platform.
In a joint advisory issued today, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) warned admins of active attacks targeting a critical F5 BIG-IP network security vulnerability (CVE-2022-1388).
Researchers observed a VBScript file being executed through sqlservr.exe, which led them to suspect that the device had been compromised through a vulnerability allowing attackers to execute arbitrary code remotely.
The consensus seems to be that the driver ZIP file currently harbors a malware threat known as Ramnit, a fairly common but dangerous trojan horse that spreads by appending itself to other files.
Manufacturers and developers will be able to test and certify their products at the new SG$19.5 million ($13.99 million) facility, which is launched by the Cyber Security Agency of Singapore and Nanyang Technological University.
An investigation revealed that the incident affected a total of 3,687,881 data subjects and that the following personal information was accessed: first name and surname; email addresses; and cell phone numbers.
Jupiter is a robust and high-quality theme builder for WordPress websites. It is utilized by more than 90,000 well-known blogs, online magazines, and platforms that see a large volume of user traffic.
The new funding round was led by SoftBank Vision Fund 2, with participation from Impact Venture Capital, Octave Ventures, Applied Ventures, and existing investors. To date, the company has raised over $150 million.
According to Edgescan's "2021 Vulnerability Statistics Report," the average organization's mean time to remediate a vulnerability once it's identified -- known as the security update gap -- is 60.3 days.
The attack impacted the district's phones, email accounts, internet, WiFi networks, and Google Classroom. Currently, teachers do not have access to outgoing or incoming calls or emails.
Lawmakers explored courses of action to help bolster and secure the federal government’s digital networks, primarily through ongoing security software implementation and steady federal funding to protect sensitive U.S. data.
A critical vulnerability in Flux2, the continuous delivery (CD) tool for Kubernetes, can enable rogue tenants in multi-tenancy deployments to sabotage ‘neighbors’ using the same off-premise infrastructure.
WordPress researchers unearthed a set of flaws in the Jupiter Theme and JupiterX Core plugins for the WordPress CMS, including a high-severity flaw that allows a third party to gain administrative privileges and completely take over a live site. Site owners are advised to update to the latest patched versions.
Microsoft uncovered a malicious campaign targeting SQL servers, which it detects under the name SuspSQLUsage. For initial compromise the attackers rely on brute-force attacks against exposed servers; once inside, they leverage a built-in PowerShell binary to achieve persistence on the compromised system. Monitoring for suspicious or unknown activity, and for repeated login attempts, is recommended.
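The two SQL Server items above (a VBScript launched through sqlservr.exe, and brute-forced logins followed by a built-in PowerShell binary for persistence) share the same two detection opportunities: the database engine spawning a script or shell interpreter, and a burst of failed logins from one client. The Python below is an added example written for this page, not code from Microsoft or the cited researchers. It runs both rules over constructed sample telemetry: the process events use an assumed simplified key=value layout, the login failures follow the SQL Server ERRORLOG layout (error 18456, "Login failed for user ..." with a "[CLIENT: ...]" suffix), and the threshold and window are assumptions to tune for your environment.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Interpreters that the database engine process has essentially no legitimate
# reason to spawn; xp_cmdshell / sp_OACreate abuse surfaces as these children.
SUSPICIOUS_CHILDREN = {
    "cscript.exe", "wscript.exe", "powershell.exe", "pwsh.exe",
    "sqlps.exe", "cmd.exe", "mshta.exe", "rundll32.exe", "certutil.exe",
}

# Constructed process-creation events (assumed key=value layout, not a real schema).
PROCESS_EVENTS = [
    # sqlservr.exe running a VBScript: the pattern from the first report above
    "2022-05-19T10:01:02 parent=sqlservr.exe child=cscript.exe cmd=cscript.exe C:\\Windows\\Temp\\upd.vbs",
    # benign engine activity
    "2022-05-19T10:01:05 parent=sqlservr.exe child=conhost.exe cmd=conhost.exe 0x4",
    "2022-05-19T10:02:40 parent=services.exe child=sqlservr.exe cmd=sqlservr.exe -sMSSQLSERVER",
    # sqlservr.exe invoking the SQL Server PowerShell wrapper for persistence
    "2022-05-19T10:03:11 parent=sqlservr.exe child=sqlps.exe cmd=sqlps.exe -NoLogo -Command IEX(...)",
    # PowerShell from a user shell is out of scope for this rule
    "2022-05-19T10:04:00 parent=explorer.exe child=powershell.exe cmd=powershell.exe",
]

PROC_RE = re.compile(r"^(?P<ts>\S+) parent=(?P<parent>\S+) child=(?P<child>\S+) cmd=(?P<cmd>.*)$")


def find_script_children(events, suspicious=SUSPICIOUS_CHILDREN):
    """Return (timestamp, child, command line) for every interpreter spawned by sqlservr.exe."""
    hits = []
    for line in events:
        m = PROC_RE.match(line)
        if not m:
            continue
        if m["parent"].lower() == "sqlservr.exe" and m["child"].lower() in suspicious:
            hits.append((m["ts"], m["child"].lower(), m["cmd"]))
    return hits


def _fail(ts, user, client):
    # Constructed ERRORLOG line in the real "Login failed for user" layout.
    return (f"{ts} Logon       Login failed for user '{user}'. "
            f"Reason: Password did not match that for the login provided. [CLIENT: {client}]")


# Six failures for 'sa' from one address in 15 seconds, plus two unrelated failures.
ERRORLOG = (
    [_fail(f"2022-05-19 10:05:{s:02d}.12", "sa", "203.0.113.7") for s in (1, 4, 7, 10, 13, 16)]
    + ["2022-05-19 10:05:16.12 Logon       Error: 18456, Severity: 14, State: 8."]
    + [_fail("2022-05-19 10:20:30.55", "reporting", "198.51.100.4"),
       _fail("2022-05-19 10:20:45.01", "reporting", "198.51.100.4")]
)

LOGIN_FAIL_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+Logon\s+"
    r"Login failed for user '(?P<user>[^']*)'.*\[CLIENT: (?P<client>[^\]]+)\]"
)


def find_bruteforce(errorlog, threshold=5, window=timedelta(seconds=60)):
    """Return {client: max failures seen inside `window`} for clients at or above `threshold`."""
    per_client = defaultdict(list)
    for line in errorlog:
        m = LOGIN_FAIL_RE.match(line)
        if m:
            per_client[m["client"]].append(datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"))
    flagged = {}
    for client, times in per_client.items():
        times.sort()
        start = 0
        for end in range(len(times)):          # sliding window over sorted timestamps
            while times[end] - times[start] > window:
                start += 1
            count = end - start + 1
            if count >= threshold:
                flagged[client] = max(flagged.get(client, 0), count)
    return flagged


if __name__ == "__main__":
    for ts, child, cmd in find_script_children(PROCESS_EVENTS):
        print(f"[proc] {ts} sqlservr.exe -> {child}: {cmd}")
    for client, n in find_bruteforce(ERRORLOG).items():
        print(f"[auth] {n} failed SQL logins from {client} within 60s")
```

The process rule is deliberately parent-centric: flagging powershell.exe everywhere drowns analysts, while sqlservr.exe spawning any interpreter is rare enough to page on. The login rule keys on the client address rather than the account, because password spraying rotates users while the source stays fixed.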
Researchers have discovered a new approach being taken by phishers to increase victim engagement and confidence: the addition of an interactive chatbot. The phishers hope that this will help lower the attention of the target victim.
An investigation into the Fronton botnet has revealed far more than the ability to perform DDoS attacks, with the exposure of coordinated inauthentic behavior "on a massive scale."
"The Bank of Zambia wishes to inform members of the public that it experienced a partial disruption to some of its Information Technology (IT) applications on Monday 9th May 2022," disclosed the bank in a press release.
The Space Pirates APT group has been seen targeting government agencies and enterprises involved in IT services, aerospace, and electric power industries located in Russia, Georgia, and Mongolia.
At its peak, the 3ve ad fraud campaign, also known as Eve, infected over 1.7 million devices with the Kovter botnet, a click-fraud malware that would quietly run in the background while connecting to sites to consume advertisements.
Having cleared the Senate in January, the State and Local Government Cybersecurity Act passed the House of Representatives Tuesday and now awaits President Joe Biden’s signature.
The SAP application server ABAP and ABAP Platform are susceptible to code injection, SQL injection, and missing authorization vulnerabilities. Multiple SAP products are affected.
Red Hat Security Advisory 2022-4668-01 - Red Hat OpenShift Virtualization release 4.10.1 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-4690-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.
Red Hat Security Advisory 2022-4692-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.
Red Hat Security Advisory 2022-4691-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.
Red Hat Security Advisory 2022-4623-01 - This release of Red Hat build of Quarkus 2.7.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include HTTP request smuggling, cross site scripting, denial of service, information leakage, and privilege escalation vulnerabilities.
Red Hat Security Advisory 2022-4644-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2022-2205-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.33. Issues addressed include a cross site scripting vulnerability.
Red Hat Security Advisory 2022-4661-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a traversal vulnerability.
Red Hat Security Advisory 2022-4655-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2022-4642-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and privilege escalation vulnerabilities.
Red Hat Security Advisory 2022-4667-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.10.1 RPMs. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-4651-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a privilege escalation vulnerability.
Ubuntu Security Notice 5429-1 - Thomas Amgarten discovered that Bind incorrectly handled certain TLS connections being destroyed. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.
Ubuntu Security Notice 5430-1 - It was discovered that GNOME Settings incorrectly handled the remote desktop sharing configuration. When turning off desktop sharing, it may be turned on again after rebooting, contrary to expectations.
New research published by academics from KU Leuven, Radboud University, and the University of Lausanne has revealed that users' email addresses are exfiltrated to tracking, marketing, and analytics domains before the form is submitted and without prior consent. The study involved crawling 2.8 million pages from the top 100,000 websites, and found that as many as 1,844 websites allowed trackers to
VMware has issued patches to contain two security flaws impacting Workspace ONE Access, Identity Manager, and vRealize Automation that could be exploited to backdoor enterprise networks. The first of the two flaws, tracked as CVE-2022-22972 (CVSS score: 9.8), concerns an authentication bypass that could enable an actor with network access to the UI to gain administrative access without prior
The 2022 SaaS Security Survey Report, in collaboration with CSA, examines the state of SaaS security as seen in the eyes of CISOs and security professionals in today's enterprises. The report gathers anonymous responses from 340 CSA members to examine not only the growing risks in SaaS security but also how different organizations are currently working to secure themselves. Demographics The
Google last month addressed a high-severity flaw in its OAuth client library for Java that could be abused by a malicious actor with a compromised token to deploy arbitrary payloads. Tracked as CVE-2021-22573, the vulnerability is rated 8.7 out of 10 for severity and relates to an authentication bypass in the library that stems from an improper verification of the cryptographic signature.
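The bug class described above (an ID token whose issuer, audience and expiry are checked while its cryptographic signature is not properly verified) is easiest to see with a weak and a strict verifier side by side. The Python below is an added illustration written for this page, not the library's Java code and not a reconstruction of the actual patch. It uses a symmetric HS256 JWT with a constructed secret so that it runs offline (real Google ID tokens are RS256-signed against published public keys, but the verify-before-trust structure is the same), and the names verify_weak, verify_strict and make_token are this example's own.

```python
import base64
import hashlib
import hmac
import json
import time

ISSUER = "https://issuer.example"   # constructed issuer and audience for the demo
AUDIENCE = "my-app"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def make_token(claims: dict, key: bytes) -> str:
    """Mint an HS256 JWT: b64url(header).b64url(payload).b64url(HMAC-SHA256)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def _as_list(v):
    return v if isinstance(v, list) else [v]


def _claims_ok(claims: dict, issuer: str, audience: str, now: float) -> bool:
    return (claims.get("iss") == issuer
            and audience in _as_list(claims.get("aud"))
            and claims.get("exp", 0) > now)


def verify_weak(token: str, issuer: str, audience: str, now=None) -> bool:
    """The bug class: every claim is validated, the signature is never checked."""
    now = time.time() if now is None else now
    _header, payload, _sig = token.split(".")
    return _claims_ok(json.loads(_b64url_decode(payload)), issuer, audience, now)


def verify_strict(token: str, key: bytes, issuer: str, audience: str, now=None) -> bool:
    """Verify the signature first, then the claims; any failure rejects the token."""
    now = time.time() if now is None else now
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        sig = _b64url_decode(sig_b64)
    except (ValueError, json.JSONDecodeError):
        return False
    if header.get("alg") != "HS256":       # pin the algorithm; never let the token choose it
        return False
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):  # constant-time compare
        return False
    return _claims_ok(json.loads(_b64url_decode(payload_b64)), issuer, audience, now)


def demo() -> dict:
    key = b"server-side-secret-only-the-issuer-knows"   # constructed secret
    now = 1_652_918_400                                 # fixed clock keeps the demo deterministic
    base = {"iss": ISSUER, "aud": AUDIENCE, "exp": now + 3600}
    good = make_token({**base, "sub": "alice"}, key)
    # Attacker forges a token with perfect claims but a key of their own.
    forged = make_token({**base, "sub": "admin"}, b"attacker-chosen-key")
    # Attacker edits the payload of a real token and keeps the original signature.
    h, _p, s = good.split(".")
    tampered = f"{h}.{_b64url(json.dumps({**base, 'sub': 'admin'}).encode())}.{s}"
    return {
        "weak_good": verify_weak(good, ISSUER, AUDIENCE, now),
        "weak_forged": verify_weak(forged, ISSUER, AUDIENCE, now),
        "weak_tampered": verify_weak(tampered, ISSUER, AUDIENCE, now),
        "strict_good": verify_strict(good, key, ISSUER, AUDIENCE, now),
        "strict_forged": verify_strict(forged, key, ISSUER, AUDIENCE, now),
        "strict_tampered": verify_strict(tampered, key, ISSUER, AUDIENCE, now),
    }


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name:16s} accepted={accepted}")
```

The weak verifier accepts all three tokens because the claims it inspects are attacker-controlled until the signature binds them to the issuer. The strict verifier also pins the algorithm from its own configuration instead of reading it from the token header, which closes the related "alg":"none" and key-confusion variants.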
A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas. The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within a close range.
A man hacks his employer to prove its security sucks, Telegram provides a helping hand to the Eternity Project malware, and what the heck do mental health apps think they're up to? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dr Jessica Barker. Plus don't miss our featured interview with Rumble's Chris Kirsch.
It should be hard for malicious hackers to break into systems, but all too often it isn't. Read more in my article on the Tripwire State of Security blog.
Spanish police say that they have dismantled a phishing gang operating across the country, following the arrest of 13 people and the announcement that they are investigating a further seven suspects. Read more in my article on the Tripwire State of Security blog.