Twilio account breach result of sophisticated social engineering campaign
via "ITPro".
Employees were subjected to personalised texts that impersonated Twilio's IT department, in a strategic credential harvesting operation

Nomad happy to forgive hackers if they return 90% of $190 million that was stolen
via "ITPro".
The crypto bridge is offering 'white hat hackers' a 10% bounty following the attack earlier this week

Brave pushes the boundaries of privacy by design
via "ITPro".
It's quite a big step to abandon the big three of Chrome, Edge and Safari for a niche option that doesn't just tack privacy on top

Meta clamps down on South Asian cyber espionage operations involving Facebook
via "ITPro".
The firm's latest threat intelligence report discloses successful takedowns in India, Greece, South Africa and Indonesia

South Korean public sector organisations targeted by Gwisin ransomware
via "ITPro".
Threat actors tailored attacks on victims such as pharmaceutical companies, with researchers still in the dark on key details

Home Office to collect foreign offenders' biometric data using smartwatch scheme
via "ITPro".
Biometrics of foreign offenders to be collected using smartwatch scheme
Facial recognition and geolocation data will be matched against Home Office, Ministry of Justice and police databases under the plans

Both Russia and Ukraine targeted by Chinese state-backed hackers
via "ITPro".
Defence enterprises, government agencies in Russia and Ukraine targeted by state-sponsored hackers
A five-year-old Microsoft Office vulnerability was enough to gain a significant foothold in some of the most high-value organisations in each country

Why convenience is the biggest threat to your security
via "ITPro".
The shortcuts and human error that lead to breaches - and how to guard against them

CVE-2022-2242
via "National Vulnerability Database".
The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as an unauthorized attacker can directly read and write robot configurations when access control is not available or not enabled (default).

Microsoft Patches 'Dogwalk' Zero-Day and 17 Critical Flaws
via "Threat Post".
August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild.

Flow Security Launches Next-Gen Data Security Platform Following $10 Million Seed Round
via "Dark Reading".
First-of-its-kind solution discovers and protects both data at rest and in motion.

Cisco router flaw gives patient attackers full access to small business networks
via "The Daily Swig".
Vulnerable path is reachable just once a day, but patches still need to be implemented as a matter of priority

Compliance Certifications: Worth the Effort?
via "Dark Reading".
Because demonstrating compliance with industry regulations can be cumbersome and expensive, it's important to ensure they're also absolutely essential.

CVE-2022-36324
via "National Vulnerability Database".
A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions). Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.

CVE-2021-46304
via "National Vulnerability Database".
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions), CP-8021 MASTER MODULE (All versions), CP-8022 MASTER MODULE WITH GPRS (All versions). The component allows activating a web server module which provides unauthenticated access to its web pages. This could allow an attacker to retrieve debug-level information from the component such as internal network topology or connected systems.

CVE-2022-34661
via "National Vulnerability Database".
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter is vulnerable to denial of service by entering infinite loops and using up CPU cycles. This could allow an attacker to cause denial of service condition.

CVE-2022-34660
via "National Vulnerability Database".
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter consists of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution.

CVE-2022-34659
via "National Vulnerability Database".
A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand public license server is used). Affected applications expose user, host and display name of users, when the public license server is used. This could allow an attacker to retrieve this information.

CVE-2022-36323
via "National Vulnerability Database".
A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE SC-600 family (All versions < V2.3.1), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

CVE-2022-36325
via "National Vulnerability Database".
A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE SC-600 family (All versions < V2.3.1), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions). Affected devices do not properly sanitize data introduced by a user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS.

Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape
via "Dark Reading".
New release also includes enterprise-grade cloud security posture management (CSPM) and YARA-based malware scanning capabilities.