CVE-2022-35826
via "National Vulnerability Database".
Visual Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35777, CVE-2022-35825, CVE-2022-35827.
Microsoft Patch Tuesday, August 2022 Edition
via "Krebs on Security".
Microsoft today released updates to fix a record 141 security vulnerabilities in its Windows operating systems and related software. Once again, Microsoft is patching a zero-day vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows. Redmond also addressed multiple flaws in Exchange Server - including one that was disclosed publicly prior to today - and it is urging organizations that use Exchange for email to update as soon as possible and to enable additional protections.
Logicalis snaps up UK-based IT consultancy Q Associates
via "ITPro".
MSP extends specialist Microsoft and data-centric IT services capabilities across the UK and Ireland
Microsoft blocking Tutanota users from Teams registration, claims fix unfeasible
via "ITPro".
Tutanota claim this is an antitrust issue, as the company shares the problem with the public
What is Dark Utilities C2 as a service (C2aaS)?
via "ITPro".
Hackers can use the service to launch cyber attacks with ease for as little as £8.50
VMware warns of tumultuous threats amid Russia-Ukraine cyber war
via "ITPro".
New report underscores burned-out security teams' response to geopolitically motivated cyber attacks
Cyber attack on software supplier causes "major outage" across the NHS
via "ITPro".
Unconfirmed reports suggest the attack may be ransomware-related, while the NHS contends with disrupted services on the 111 non-emergency line
Twilio account breach result of sophisticated social engineering campaign
via "ITPro".
Employees were subjected to personalised texts that impersonated Twilio's IT department, in a strategic credential harvesting operation
Nomad happy to forgive hackers if they return 90% of $190 million that was stolen
via "ITPro".
The crypto bridge is offering 'white hat hackers' a 10% bounty following the attack earlier this week
Brave pushes the boundaries of privacy by design
via "ITPro".
It's quite a big step to abandon the big three of Chrome, Edge and Safari for a niche option that doesn't just tack privacy on top
Meta clamps down on South Asian cyber espionage operations involving Facebook
via "ITPro".
The firm's latest threat intelligence report discloses successful takedowns in India, Greece, South Africa and Indonesia
South Korean public sector organisations targeted by Gwisin ransomware
via "ITPro".
Threat actors tailored attacks on victims such as pharmaceutical companies, with researchers still in the dark on key details
Home Office to collect foreign offenders' biometric data using smartwatch scheme
via "ITPro".
Facial recognition and geolocation data will be matched against Home Office, Ministry of Justice and police databases
IT PRO
Biometrics of foreign offenders to be collected using smartwatch scheme | IT PRO
Facial recognition and geolocation data will be matched against Home Office, Ministry of Justice and police databases under the plans
Both Russia and Ukraine targeted by Chinese state-backed hackers
via "ITPro".
A five-year-old Microsoft Office vulnerability was enough to gain a significant foothold in some of the most high-value organisations in each country
ITPro
Defence enterprises, government agencies in Russia and Ukraine targeted by state-sponsored hackers
Why convenience is the biggest threat to your security
via "ITPro".
The shortcuts and human error that lead to breaches - and how to guard against them
CVE-2022-2242
via "National Vulnerability Database".
The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as an unauthorized attacker can directly read and write robot configurations when access control is not available or not enabled (default).
Microsoft Patches 'Dogwalk' Zero-Day and 17 Critical Flaws
via "Threat Post".
August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild.
Flow Security Launches Next-Gen Data Security Platform Following $10 Million Seed Round
via "Dark Reading".
First-of-its-kind solution discovers and protects both data at rest and in motion.
Cisco router flaw gives patient attackers full access to small business networks
via "The Daily Swig".
Vulnerable path is reachable just once a day, but patches still need to be implemented as a matter of priority
Compliance Certifications: Worth the Effort?
via "Dark Reading".
Because demonstrating compliance with industry regulations can be cumbersome and expensive, it's important to ensure they're also absolutely essential.
CVE-2022-36324
via "National Vulnerability Database".
A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions). Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.