vulnerability
Drupal fixes three vulnerabilities, including one RCE
Drupal’s security team has fixed three vulnerabilities in the popular content management system’s core, one of which (CVE-2020-13663) could be exploited to achieve …
How the pandemic affected DDoS attack patterns, global internet traffic
There has been a shift in internet traffic patterns coinciding with an increase in DDoS and other types of network attacks in recent months as organizations across industries …
Using Cisco Webex for your video conferencing needs? Go patch!
Cisco has released security updates for Cisco Webex Meetings and Cisco Webex Meetings Server that fix several remotely exploitable vulnerabilities, as well as one less severe …
Vulnerable platform used in power plants enables attackers to run malicious code on user browsers
Otorio’s incident response team identified a high-score vulnerability in OSISoft’s PI System. They immediately notified OSIsoft Software of the vulnerability, which …
Because IT security and the C-suite are misaligned, digital transformation increases cyber risk
While digital transformation is understood to be critical, its rapid adoption, as seen with cloud providers, IoT and shadow IT, is creating significant cyber risk for most …
Adobe releases more security updates, equips Adobe Acrobat DC with a sandbox
A week after the June 2020 Patch Tuesday, Adobe has plugged more critical security holes in some of its well known graphic design and video and audio editing software. The …
Running ConnectWise Automate on-prem? Fix this high-risk API vulnerability
ConnectWise has fixed a high-severity vulnerability affecting a ConnectWise Automate API and is urging users who run the solution on their premises to implement the provided …
Complexity and size of DDoS attacks have increased
The complexity and size of DDoS attacks in 2019 has increased significantly compared to 2018. A report published by NaWas by NBIP concludes that despite the number of attacks …
Top security risks for companies to address as cloud migration accelerates
The ease and speed at which new cloud tools can be deployed is also making it harder for security teams to control their usage, IBM Security reveals. According to the data, …
Organizations are creating the perfect storm by not implementing security basics
European organizations have a false sense of security when it comes to protecting themselves, with only 68% seeing themselves as vulnerable, down from 86% in 2018, according …
UPnP vulnerability lets attackers steal data, scan internal networks
A vulnerability (CVE-2020-12695) in Universal Plug and Play (UPnP), which is implemented in billions of networked and IoT devices – personal computers, printers, mobile …
2019 was a record year for OSS vulnerabilities
Total vulnerabilities in OSS more than doubled in 2019 from 421 Common Vulnerabilities and Exposures (CVEs) in 2018 to 968 last year, according to a RiskSense report. Top 10 …
Featured news
Resources
Don't miss
- Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
- The Zoom attack you didn’t see coming
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
- The UK’s phone theft crisis is a wake-up call for digital security
- Securing digital products under the Cyber Resilience Act