‼ CVE-2015-5598 ‼
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.
🔴 Microsoft Reverses Course on Blocking Office Macros by Default 🔴
via "Dark Reading".
Security experts criticize company for reversing course, albeit temporarily, on a decision it made just this February to block macros in files downloaded from the Internet.
‼ CVE-2022-35412 ‼
via "National Vulnerability Database".
Digital Guardian Agent 7.7.4.0042 allows an administrator (who ordinarily does not have a supported way to uninstall the product) to disable some of the agent functionality and then exfiltrate files to an external USB device.
‼ CVE-2022-31137 ‼
via "National Vulnerability Database".
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 6.1.1.0 are subject to a remote code execution vulnerability. System commands can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Attackers need not be authenticated to exploit this vulnerability. Users are advised to upgrade. There are no known workarounds for this vulnerability.
‼ CVE-2022-2353 ‼
via "National Vulnerability Database".
Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user.
📢 NCSC and ICO chiefs plead with lawyers to stop making ransomware payments 📢
via "ITPro".
The two UK authorities say misconceptions around ICO fines are jeopardising the integrity of UK cyber security, in a direct appeal to the Law Society
📢 Web3 projects lose over $2 billion to hacks and exploits in 2022 📢
via "ITPro".
Blockchain and crypto schemes have already lost more in the first half of this year than throughout all of 2021
📢 Russia-linked state-sponsored hackers launch fresh attacks by abusing latest red team tool 📢
via "ITPro".
Researchers said the new tool has evaded the detection of many leading security products and is quickly growing in popularity
📢 SHI malware attack causes major disruption and forces staff offline 📢
via "ITPro".
IT supplier says there's no evidence to suggest customer data was exfiltrated during the "security incident" attack
📢 Marriott hit by data breach through social engineering 📢
via "ITPro".
Unknown attackers were reportedly able to exfiltrate 20GB of information from the company
📢 Experts bemoan Microsoft’s 'terrible' backtrack on blocking VBA macros 📢
via "ITPro".
'This is a terrible idea': Security experts bemoan Microsoft’s backtrack on blocking VBA macros
Experts express bewilderment over the decision to reverse the long-overdue macro block, as fears mount that cyber criminals can take advantage
📢 Southwest Health Center hit by data breach 📢
via "ITPro".
So far, there have been no reports of foul play or misuse of exposed data
📢 Online Safety Bill: Messaging apps 'forced to scan messages' for child abuse content in fresh amendment 📢
via "ITPro".
Apps utilising end-to-end encryption would require backdoors or new mechanisms to allow user data to be scanned and passed on to authorities
📢 Kaspersky appoints new territory manager for UK&I 📢
via "ITPro".
Channel veteran Stuart Peters is tasked with expanding the cybersecurity provider’s presence in the region
📢 The new wave of cyber security threats facing critical national infrastructure (CNI) 📢
via "ITPro".
CNI is increasingly becoming a viable target, thanks to a litany of new malware strains, with cyber attacks threatening to have serious consequences
📢 QR codes are just as insecure as anything else 📢
via "ITPro".
A browser locked down tighter than a duck’s derriere won’t save you from phishing attacks – but getting to grips with the latest advice and best practice might
📢 UK government must 'engage with tech giants' on foreign policy 📢
via "ITPro".
Engage with tech giants on foreign policy or risk national security, MPs tell government
The Foreign Affairs Committee urge the government to work more closely with big tech, which is becoming the new battleground for threats to national privacy and security
📢 Apple launching Lockdown Mode with iOS 16 📢
via "ITPro".
Apple launching Lockdown Mode with iOS 16 to guard against Pegasus-style spyware
Apple breaks its bug bounty record with $2 million top prize, alongside $10 million grant funding, as it launches industry-first protections for highly targeted individuals
📢 EU inches closer to blocking Meta from sending personal data to US 📢
via "ITPro".
The decision still needs to be approved by other European data regulators, but could see the shut down of Instagram and Facebook on the continent
📢 US unveils next-gen encryption tools to withstand quantum computing attacks 📢
via "ITPro".
The National Institute of Standards and Technology (NIST) hopes to offer a variety of tools for quantum-proof encryption