10 Nov 2022

SAP Patches Critical Vulnerabilities in BusinessObjects, SAPUI5

SAP, a German software maker, has announced the release of nine new security notes. The security patches were released as part of the company’s November Security Patch day, which includes fixes for two critical bugs. The critical flaws lie in BusinessObjects and SAPUI5. Additionally, the company released updates to two

Read More
09 Nov 2022

Microsoft Patches Six Zero-Day Bugs this Month

During this month’s Patch Tuesday, Microsoft released a relatively low number of security updates to fix flaws plaguing its products, however, six of the patches are flaws being actively exploited in the wild. According to Microsoft, one of these flaws is called “ProxyNotShell” and lies in the Microsoft Exchange Server.

Read More
19 Sep 2022

Uber Hacker May Have Compromised Secret Bug Reports

Uber has reportedly been breached again after a threat actor claimed to have accessed its email and cloud systems as well as its internal Slack account and HackerOne tickets. The attack was announced last week and could have major effects on the ride-share company. The hacker allegedly sent screenshots to

Read More
19 Sep 2022

CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added six previously identified flaws to its Known Exploited Vulnerabilities Catalog. The addition was made last week, and the vulnerabilities are a frequent attack vector for threat actors, the agency stated. The CISA also noted that the flaws, although old, post

Read More
13 Sep 2022

High Severity Vulnerabilities Found in HP Enterprise Devices

Security researchers at Binarly have reportedly uncovered six high-severity firmware vulnerabilities. The vulnerabilities were detected over the course of the past year and were first revealed at the Black Hat 2022 conference. The flaw affect HP EliteBook devices and range in severity scores from 7.5 to 8.2. The attacker could

Read More
28 Jul 2022

Google Chrome security update fixes ‘high risk’ flaws

The Cybersecurity and Infrastructure Security Agency (CISA) has urged IT administrators and users to implement recent updates released by Google as soon as possible to avoid the risk of an attacker leveraging several flaws that were patched in the update. Google released security updates for the Chrome browser on Mac,

Read More
22 Jun 2022

56 Vulnerabilities Discovered in OT Products From 10 Different Vendors

Multiple sources have confirmed the discovery of a total of 56 vulnerabilities in OT products from 10 vendors, including popular companies Honeywell, Siemens, and Emerson. According to security researchers, most of the vulnerabilities are due to a lack of basic security mechanisms such as authentication and encryption. In addition, researchers

Read More
26 May 2022

Google Chrome 102 arrives with 32 security fixes, one critical

Google has released a new version of Chrome, Chrome 102, that contains 32 security fixes applying to Windows, Mac, and Linux devices. The vulnerabilities were allegedly reported to Google by external researchers and consist of one critical flaw, eight high severity, nine medium severity, and seven low severity. In addition

Read More
07 Apr 2022

VMware warns of critical remote code execution bug in Workspace ONE Access

VMware has released a security advisory urging its customers to update their software to resolve critical vulnerabilities. One of the vulnerabilities present in VMware’s current software could allow for remote code execution in Workspace ONE Access. Other products impacted include VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, and

Read More
16 Dec 2021

SAP Kicks Log4Shell Vulnerability Out of 20 Apps

SAP has been working around the clock to patch apps vulnerable to the Log4Shell flaw, releasing 21 fixes in its Patch Tuesday update. SAP has identified 32 different apps that have been affected by the critical vulnerability, which lies in the Apache Log4j Java-based jogging library that has been under

Read More