Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)
A source code audit has revealed two critical vulnerabilities affecting git, the popular distributed version control system for collaborative software development. The latest …
Cyber insurance can offset the risks of potential breaches
SMBs are aware of increasing cyber threats and allocating resources and investing in areas such as network and cloud security, according to Datto. Key takeaways from this …
EU cyber resilience regulation could translate into millions in fines
The EU Commission’s Cyber Resilience Act (CRA) is intended to close the digital fragmentation problem surrounding devices and systems with network connections – from …
Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)
Two vulnerabilities (CVE-2022-4873, CVE-2022-4874) found in three NetComm router models could be exploited to achieve remote code execution on vulnerable devices, and …
Global instability increases cyber risk, says World Economic Forum
Geopolitical instability is exacerbating the risk of catastrophic cyberattacks, according to the Global Cybersecurity Outlook 2023 report from the World Economic Forum. The …
Google ads increasingly pointing to malware
The FBI has recently warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many …
How data protection is evolving in a digital world
Companies are challenged with more complex hybrid IT environments. They are raising budgets to fend off cyberattacks and keep up as production environments continue to …
PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)
If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because …
Training, endpoint management reduce remote working cybersecurity risks
33% of companies are not providing any cybersecurity awareness training to users who work remotely, according to Hornetsecurity. The study also revealed that nearly 74% of …
CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie
The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s …
Cacti servers under attack by attackers exploiting CVE-2022-46169
If you’re running the Cacti network monitoring solution and you haven’t updated it since early December, now is the time to do it to foil attackers exploiting a …
10 data security enhancements to consider as your employees return to the office
77% of IT decision makers across the United States and Canada believe their companies are likely to face a data breach within the next three years according to survey results …
Don't miss
- Contextal Platform: Open-source threat detection and intelligence
- Using cognitive diversity for stronger, smarter cyber defense
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
- Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)
- Malicious actors’ GenAI use has yet to match the hype