Security vulnerabilities stories - Page 15
Supply chain vulnerability identified in SAP transport system
Fri, 21st Jan 2022
#
supply chain & logistics
#
software development
#
sap
Supply chain attacks on SAP software distribution process allow internal attackers to intervene undetected, says SecurityBridge. A patch has been released.
Vulnerabilities pose danger to SonicWall SMA 100 remote access appliances
Thu, 20th Jan 2022
#
iam
#
sonicwall
#
security vulnerabilities
SonicWall and Australia’s ACSC are urging all businesses using SonicWall SMA 100 Series appliances to patch the devices as soon as possible.
Hundreds of Australian corporations identified with email security vulnerabilities
Tue, 11th Jan 2022
#
phishing
#
email security
#
security vulnerabilities
A security researcher from CanIPhish.com has discovered over 200 well-known Australian corporations with email security vulnerabilities.
Gartner explains what security leaders need to know, and do, about Log4j
Tue, 28th Dec 2021
#
malware
#
ransomware
#
cybersecurity
Log4j vulnerability prompts urgent action from security leaders. Gartner's Jonathan Care explains risks and steps to take.
A new tool to help the MSP community combat Log4j
Mon, 27th Dec 2021
#
partner programmes
#
cybersecurity
#
managed services
Datto is encouraging all MSPs to download a free script developed and made available on GitHub for any Remote Monitoring and Management solution.
1 in 10 servers and web apps vulnerable to Log4Shell
Mon, 27th Dec 2021
#
datacentre infrastructure
#
advanced persistent threat protection
#
cybersecurity
Only 70% of organizations have scanned for the Log4Shell vulnerability, leaving 10% of assessed assets vulnerable, warns cybersecurity firm Tenable.
What is Log4J and how does it affect you?
Fri, 24th Dec 2021
#
martech
#
cybersecurity
#
software development
Log4J software bug, aka Log4Shell, sparks concern as it affects various platforms. Norton Labs offers advice on protecting systems and applications.
New threat intelligence from Sophos following the Apache Log4Shell vulnerability
Wed, 15th Dec 2021
#
malware
#
firewalls
#
network infrastructure
Sophos warns of a surge in cyberattacks exploiting the Apache Log4Shell vulnerability, with attempts exceeding hundreds of thousands so far.
Log4j actively exploited, serious complications can occur according to CERT NZ
Mon, 13th Dec 2021
#
martech
#
breach prevention
#
cybersecurity
The widely-used java logging library, log4j, has been actively exploited, according to an update from CERT NZ and Catalyst.
Claroty and JFrog discover 14 vulnerabilities in Busybox
Fri, 19th Nov 2021
#
open source
#
linux
#
security vulnerabilities
Team82 and JFrog discover 14 vulnerabilities in the latest version of BusyBox, affecting OT and IoT devices running on Linux.
New Microsoft Defender vulnerability should concern every enterprise - expert
Mon, 15th Nov 2021
#
cybersecurity
#
microsoft
#
security vulnerabilities
Microsoft Defender vulnerability poses significant threat, warns Virsec. With 55 vulnerabilities in total, it is deemed the most concerning by experts.
API vulnerabilities are a huge target for cyber criminals, report finds
Thu, 28th Oct 2021
#
ddos
#
api
#
software development
API vulnerabilities pose a significant risk to companies and individuals worldwide, according to new research by Akamai Technologies.
ATM vulnerabilities open door for attacks - report
Thu, 28th Oct 2021
#
breach prevention
#
cybersecurity
#
security breaches
Vulnerabilities in Wincor Cineo ATMs allow attackers to bypass encryption and make cash withdrawals, according to researchers.
Interview: Invicti's Mark Ralls on the new defining age for web application security
Thu, 30th Sep 2021
#
cybersecurity
#
security vulnerabilities
#
web applications
Invicti, the cybersecurity firm, has combined web application security expertise from its 2018 merger of Netsparker and Acunetix.
.
Apple urgently patches exploits across several operating systems
Wed, 15th Sep 2021
#
cybersecurity
#
personal computing devices
#
apple
Apple has urgently released patches for multiple software products due to vulnerabilities that may be linked to the Pegasus spyware.
Privacy Commissioner John Edwards tipped for top role as UK Information Commissioner
Fri, 27th Aug 2021
#
breach prevention
#
healthtech
#
data breach
Privacy Commissioner John Edwards named preferred candidate for UK Information Commissioner, pending UK Parliament's decision.
Severe vulnerabilities in appsec environments taking longer to fix - NTT Security
Wed, 25th Aug 2021
#
application security
#
healthtech
#
security vulnerabilities
The average time to remediate the most severe vulnerabilities in an organisation’s IT infrastructure has now reached 256 days.
Ivanti tackles today's biggest security threats with RiskSense acquisition
Wed, 4th Aug 2021
#
malware
#
ransomware
#
cybersecurity
Ivanti has acquired risk-based vulnerability management specialist RiskSense to enhance its patch management capabilities.
SonicWall vulnerability allows attackers to obtain full control of device and underlying OS
Wed, 7th Jul 2021
#
cybersecurity
#
sonicwall
#
security vulnerabilities
Positive Technologies reveals critical vulnerability in SonicWall Network Security Manager, allowing authenticated attackers full control.
A look at the MS Exchange zero-days and how to protect your business
Thu, 29th Apr 2021
#
firewalls
#
network infrastructure
#
network security
Every organisationusing Microsoft Exchange must patch their on-premise servers immediately and scan their networks for signs of malicious activity.