vulnerability
SAP applications more vulnerable than users might think
Many application owners are unaware of how vulnerable their SAP applications may be, significantly increasing the risks to their core enterprise systems. This is the overall …
Critical vulnerabilities may allow attackers to compromise hospitals’ pneumatic tube system
Armis researchers have unearthed critical vulnerabilities in Swisslog Healthcare’s Translogic pneumatic tube system, which plays a crucial role in patient care in more …
A look at the 2021 CWE Top 25 most dangerous software weaknesses
The 2021 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses is a demonstrative list of the most common issues experienced over the previous two …
Where does the SME fit into a supply chain attack?
“No business is an island, entire of itself” (with apologies to John Donne). Businesses have connections to other businesses, who supply them with goods, and whom they supply …
Ignore API security at your peril
Application programming interfaces (APIs) are at the core of nearly every digital experience – whether that is the delivery of mobile apps that enable consumers to …
Government IT decision makers worried about security risks related to cloud migration
Nearly 70% of U.S. government IT decision makers surveyed view security risks as the top barrier when migrating to modern cloud platforms, a Morning Consult survey reveals. Of …
Apple security updates: iOS 14.7 fixes WiFiDemon flaw
Apple has released security updates for macOS Big Sur (11.5), Catalina (10.15) and Mojave (10.14), as well as iOS (14.7) and iPadOS (14.7). There is no indication that Apple …
Asset inventory management: What’s the ROI?
Asset inventory management is critical to any company’s planning and accounting process. Having an accurate, up-to-date view of every asset (all devices, equipment, vehicles, …
Fortinet plugs RCE hole in FortiManager and FortiAnalyzer (CVE-2021-32589)
A vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer could be exploited by remote, non-authenticated attackers to execute unauthorized / malicious code as root, …
Easily exploitable, unpatched Windows privilege escalation flaw revealed (CVE-2021-36934)
A researcher that goes by the Twitter handle @jonasLyk has unearthed an easily exploitable vulnerability (CVE-2021-36934) in Windows 10 that may allow local non-administrative …
DDoS attacks increased 33% in H1 2021
There has been a 33% increase in the number of DDoS attacks in H1 2021, according to a report published by Link11. Between January and June, there were record numbers of …
Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909)
A vulnerability (CVE-2021-33909) in the Linux kernel’s filesystem layer that may allow local, unprivileged attackers to gain root privileges on a vulnerable host has been …