π΄ Vectra Acquires Siriux Security Technologies to Extend Leadership in Identity and SaaS Threat Management π΄
π Read
via "Dark Reading".
The acquisition positions Vectra to help customers securely configure and detect active threats in cloud identity and SaaS applications, including Microsoft Azure AD and Microsoft 365.π Read
via "Dark Reading".
Dark Reading
Vectra Acquires Siriux Security Technologies to Extend Leadership in Identity and SaaS Threat Management
The acquisition positions Vectra to help customers securely configure and detect active threats in cloud identity and SaaS applications, including Microsoft Azure AD and Microsoft 365.
β FBI: Use a Burner Phone at the Olympics β
π Read
via "Threat Post".
The warning follows a Citizen Lab report that found the official, mandatory app has an encryption flaw that "can be trivially sidestepped." Besides burners, here are more tips on staying cyber-safe at the Games.π Read
via "Threat Post".
Threat Post
FBI: Use a Burner Phone at the Olympics
The warning follows a Citizen Lab report that found the official, mandatory app has an encryption flaw that "can be trivially sidestepped." Besides burners, here are more tips on staying cyber-safe at the Games.
π΄ Nucleus Security Forms Strategic Partnership with Mandiant π΄
π Read
via "Dark Reading".
Intent is to enhance vulnerability management programs with operationalized threat intelligence.π Read
via "Dark Reading".
Dark Reading
Nucleus Security Forms Strategic Partnership with Mandiant
Intent is to enhance vulnerability management programs with operationalized threat intelligence.
π΄ ThycoticCentrify Renamed Delinea π΄
π Read
via "Dark Reading".
Privileged access management vendor rebrands.π Read
via "Dark Reading".
Dark Reading
ThycoticCentrify Renamed Delinea
Privileged access management vendor rebrands.
π΄ Secure Web Browsers Tackle Ransomware, Insider Threat in Enterprises π΄
π Read
via "Dark Reading".
Enterprise security teams can use secure web browsers to apply controls and governance to cloud applications and customer data.π Read
via "Dark Reading".
Dark Reading
Secure Web Browsers Tackle Ransomware, Insider Threat in Enterprises
Enterprise security teams can use secure Web browsers to apply controls and governance to cloud applications and customer data.
βΌ CVE-2021-42638 βΌ
π Read
via "National Vulnerability Database".
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.π Read
via "National Vulnerability Database".
π’ QNAP ransomware victims dealt double blow as firmware update hampers decryption π’
π Read
via "ITPro".
Emisoft releases decryptor for victims while QNAP explains why and how it controversially auto-updated userβs productsπ Read
via "ITPro".
IT PRO
QNAP ransomware victims dealt double blow as firmware update hampers decryption | IT PRO
Emisoft releases decryptor for victims while QNAP explains why and how it controversially auto-updated userβs products
π’ MoD reported seven data incidents to the ICO between 2020 and 2021 π’
π Read
via "ITPro".
More than 4,000 people were affected according to the department's Annual Report and Accountsπ Read
via "ITPro".
IT PRO
MoD reported seven data incidents to the ICO between 2020 and 2021 | IT PRO
More than 4,000 people were affected according to the department's Annual Report and Accounts
π’ Log4j vulnerability continues to stress CISOs π’
π Read
via "ITPro".
Avast's latest threat report also reveals the resurrection of the infamous Emotet botnetπ Read
via "ITPro".
IT PRO
Log4j vulnerability continues to stress CISOs | IT PRO
Avast's latest threat report also reveals the resurrection of the infamous Emotet botnet
π’ The best defence against ransomware π’
π Read
via "ITPro".
How ransomware is evolving and how to defend against itπ Read
via "ITPro".
IT PRO
The best defence against ransomware
How ransomware is evolving and how to defend against it
π’ QNAP users angry after NAS drives are updated to combat DeadBolt ransomware π’
π Read
via "ITPro".
Concerns mount over the powers the NAS manufacturer has over users' products as users report non-consensual forced security updatesπ Read
via "ITPro".
IT PRO
QNAP users angry after NAS drives are updated to combat DeadBolt ransomware | IT PRO
Concerns mount over the powers the NAS manufacturer has over users' products as users report non-consensual forced security updates
π’ FBI urges Olympic athletes to leave personal devices at home due to cyber risk π’
π Read
via "ITPro".
The organisation has warned that threat actors could use a broad range of cyber activities, including DDoS or ransomware attacks, to disrupt the eventπ Read
via "ITPro".
IT PRO
FBI urges Olympic athletes to leave personal devices at home due to cyber risk | IT PRO
The organisation has warned that threat actors could use a broad range of cyber activities, including DDoS or ransomware attacks, to disrupt the event
π’ Google adds Python support to privacy-preserving data analysis tool π’
π Read
via "ITPro".
The addition of Python opens up the open-source differential privacy library to nearly half of all developers worldwideπ Read
via "ITPro".
IT PRO
Google adds Python support to privacy-preserving data analysis tool | IT PRO
The addition of Python opens up the open-source differential privacy library to nearly half of all developers worldwide
π’ IT Pro News in Review: Nvidia walks away from Arm, Belarusian train hack, and IBM to sell Watson Health π’
π Read
via "ITPro".
Catch up on the biggest headlines of the week in just two minutesπ Read
via "ITPro".
βΌ CVE-2022-24300 βΌ
π Read
via "National Vulnerability Database".
Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24301 βΌ
π Read
via "National Vulnerability Database".
In Minetest before 5.4.0, players can add or subtract items from a different player's inventory.π Read
via "National Vulnerability Database".
ποΈ British Council data breach leaks 10,000 student records ποΈ
π Read
via "The Daily Swig".
Researchers say 144,000 files were exposedπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
British Council data breach leaks 10,000 student records
Researchers say 144,000 files were exposed
βΌ CVE-2022-0366 βΌ
π Read
via "National Vulnerability Database".
An authenticated and authorized agent user could potentially gain administrative access via an SQLi vulnerability to Capsule8 Console between versions 4.6.0 and 4.9.1.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41016 βΌ
π Read
via "National Vulnerability Database".
A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special charactersπ Read
via "National Vulnerability Database".
βΌ CVE-2021-39066 βΌ
π Read
via "National Vulnerability Database".
IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session identifier gives an attacker the opportunity to steal authenticated sessions. IBM X-Force ID: 215040.π Read
via "National Vulnerability Database".
βΌ CVE-2021-43062 βΌ
π Read
via "National Vulnerability Database".
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to the FortiGuard URI protection service.π Read
via "National Vulnerability Database".