vulnerability
Patch bypass flaw in Pulse Secure VPNs can lead to total compromise (CVE-2021-22937)
The patch for a vulnerability (CVE-2020-8260) in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich …
Increasing speed of vulnerability scans ultimately increases security fixes overall
Next-generation static application security testing (SAST) and intelligent software composition analysis (SCA) can increase the speed of vulnerability scans and narrow their …
Blocked DDoS attack volumes up, tech, healthcare and finance most targeted
Second quarter blocked DDoS attack volumes were up more than 40% compared to the same period in 2020, a Radware report reveals. The report provides an overview of DDoS attack …
Cybercriminals are manipulating reality to reshape the modern threat landscape
VMware released a report which analyzes how cybercriminals are manipulating reality to reshape the modern threat landscape. The report found a drastic rise in destructive …
Vulnerable TCP/IP stack is used by almost 200 device vendors
Researchers have discovered 14 new vulnerabilities affecting the proprietary NicheStack (aka InterNiche) TCP/IP stack, used in OT devices such as the extremely popular Siemens …
Supply chain attacks expected to multiply by 4 in 2021
Supply chain attacks have been a concern for cybersecurity experts for many years because the chain reaction triggered by one attack on a single supplier can compromise a …
Moving toward a reality where breaches are not a given
Ninety-one percent of cybersecurity leaders say they want to see their organization shift from ‘assume breach’ to breach prevention in the next three years, according to a …
SAP applications more vulnerable than users might think
Many application owners are unaware of how vulnerable their SAP applications may be, significantly increasing the risks to their core enterprise systems. This is the overall …
Critical vulnerabilities may allow attackers to compromise hospitals’ pneumatic tube system
Armis researchers have unearthed critical vulnerabilities in Swisslog Healthcare’s Translogic pneumatic tube system, which plays a crucial role in patient care in more …
A look at the 2021 CWE Top 25 most dangerous software weaknesses
The 2021 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses is a demonstrative list of the most common issues experienced over the previous two …
Where does the SME fit into a supply chain attack?
“No business is an island, entire of itself” (with apologies to John Donne). Businesses have connections to other businesses, who supply them with goods, and whom they supply …
Ignore API security at your peril
Application programming interfaces (APIs) are at the core of nearly every digital experience – whether that is the delivery of mobile apps that enable consumers to …