24 Jun 2021

30M Dell Devices at Risk for Remote BIOS Attacks, RCE

A faulty update mechanism has left an estimated 30 million individual Dell endpoints worldwide at risk, according to an analysis by Eclypsium. Dell is currently facing four separate security bugs that would give attackers almost complete control and persistence over targeted devices by allowing remote adversaries to gain arbitrary code execution in

24 Jun 2021

Ransom Leak Sites Reveal 422% Annual Increase in Victims

Mandiant claims to have detected a 422% increase in victim organizations announced by ransomware groups via their leak sites year-on-year between the first quarter of 2020 and Q1 2021. Over three-quarters of consumers and cybersecurity professionals want to completely outlaw ransom payments as the number of victims per year keeps

24 Jun 2021

79% of Third-Party Libraries in Apps Are Never Updated

According to a recent analysis conducted by Veracode, 79% of third-party libraries are never updated after being included in a codebase. Most libraries can be easily updated without disrupting application functionality, according to Veracode. However, the company analyzed the results of 13 million scans of 86,000 customer repositories containing more

24 Jun 2021

One-click account takeover vulnerabilities in Atlassian domains patched

Check Point Research released a report on a series of vulnerabilities in Atlassian that have since been patched, stating that the bugs were found in the software solution provider’s online domains, used by thousands of enterprise clients worldwide. The vendor is based in Australia and provides tools such as Confluence,

23 Jun 2021

Councils Reported Over 700 Data Breaches in 2020

In 2020, hundreds of councils across the UK suffered from data breaches, according to new Freedom of Information research produced by Redscan. Redscan utilized official FOI responses from 60% of the country’s 398 local authorities to compile the new report, Disjointed and Under-Resourced: Cybersecurity across UK Councils. The managed security

23 Jun 2021

Nearly 10% of SMB Defense Contractors Show Evidence of Compromise

According to a new report released by cybersecurity vendor BlueVoyant, more than half of SMB contractors in the US defense supply chain are critically vulnerable to ransomware attacks. BlueVoyant analyzed a sample of 300 smaller contractors from a defense industrial base estimated to have roughly 100,000-300,000 suppliers. The investigation showed

23 Jun 2021

SonicWall ‘Botches’ October Patch for Critical VPN Bug

SonicWall’s patch for a critical VPN bug has turned out to be insufficient to fix the vulnerability, leaving more than 80,000 devices vulnerable to remote code execution for months. The patch was released in October but was ineffective. SonicWall finally released a complete fix this week for the RCE flaw

22 Jun 2021

Ohio Medicaid Provider Suffers Data Breach

On Monday, the Ohio Department of Medicaid warned that they had detected unauthorized access to their network. The breach occurred for two days in May and may have resulted in the theft of personal data, according to the organization. The data impacted was in the care of Maximus, a company

22 Jun 2021

Fifth of Google Play Apps Violate Child Protection Law

A recent study by consumer rights firm Comparitech found that one in five apps available on the Google Play Store that are designed for children break federal law regarding child protection. Comparitech analyzed the top 300 free and top 200 paid apps on the marketplace under the children and family

22 Jun 2021

Bugs in NVIDIA’s Jetson Chipset Opens Door to DoS Attacks, Data Theft

NVIDIA has patched nine high severity bugs found in its Jetson SoC framework pertaining to the way the program handles low-level cryptographic algorithms. The flaws allegedly impact millions of IoT devices utilizing the Jetson chips. This leaves the devices vulnerable to a variety of attacks, including denial-of-service (DoS) and data
