10 Nov 2022

SAP Patches Critical Vulnerabilities in BusinessObjects, SAPUI5

SAP, a German software maker, has announced the release of nine new security notes. The security patches were released as part of the company’s November Security Patch day, which includes fixes for two critical bugs. The critical flaws lie in BusinessObjects and SAPUI5. Additionally, the company released updates to two

Read More
19 Sep 2022

Allies Warn of Iranian Ransom Attacks Using Log4Shell

Cybersecurity agencies that are located in the US, UK, Australia, and Canada have warned that Iranian state-sponsored hackers are exploiting Log4j vulnerabilities in ransomware campaigns. The alert was published earlier this week and claims that the Islamic Revolutionary Guard Corps (IRGC) was responsible for multiple attacks that leveraged the VMware

Read More
19 Sep 2022

CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added six previously identified flaws to its Known Exploited Vulnerabilities Catalog. The addition was made last week, and the vulnerabilities are a frequent attack vector for threat actors, the agency stated. The CISA also noted that the flaws, although old, post

Read More
29 Jun 2022

Pentagon finds concerning vulnerabilities on blockchain

A report commissioned by the Pentagon concluded that the blockchain is not decentralized, is vulnerable to attacks and is running outdated software. The report, “Are Blockchains Decentralized, Unintended Centralities in Distributed Ledgers”, uncovered that a subset of participants can “exert excessive and centralized control over the entire blockchain system.” The findings

Read More
22 Jun 2022

56 Vulnerabilities Discovered in OT Products From 10 Different Vendors

Multiple sources have confirmed the discovery of a total of 56 vulnerabilities in OT products from 10 vendors, including popular companies Honeywell, Siemens, and Emerson. According to security researchers, most of the vulnerabilities are due to a lack of basic security mechanisms such as authentication and encryption. In addition, researchers

Read More
26 May 2022

U.S. Cybersecurity Agency ‘Strongly Urges’ You Patch These 75 Actively Exploited Flaws

The US Cybersecurity and Infrastructure Security Agency (CISA) has identified 75 security vulnerabilities that pose a significant risk to its list of flaws that should be patched immediately. All of the vulnerabilities are known to be actively exploited, heightening the risk of an attack. For organizations, there are risks of

Read More
18 May 2022

Vulnerabilities found in Bluetooth Low Energy gives hackers access to numerous devices

Cybersecurity researchers at NCC Group have found a critical flaw in Bluetooth Low Energy (BLE) receivers. The flaw may grant cyber criminals access to a range of devices, including phones, laptops, cars, and houses. NCC Group details how BLE uses proximity to authenticate that the user is within a close

Read More
02 May 2022

Massive New Security Update For 3.2 Billion Chrome Users Confirmed

Google Chrome security has experienced a busy past few weeks and there is no sign of slowing down. Just days after two emergency fixes for vulnerabilities being exploited in the wild and a record number of Chromium zero-days across 2021 was announced, Google has released another massive security update that

Read More
01 Mar 2022

Healthcare Org Hit By Two Ransomware Gangs At Once

Security experts at Sophos have reported a recent scenario in which two competing threat groups deployed ransomware on the victim’s network simultaneously. One of the groups was the Russia-linked Conti APT while the other is known as Karma. Karma counts Russian IP addresses among some of its top targets. The

Read More
10 Dec 2021

Lack of Patching Leaves 300,000 Routers at Risk for Attack

Hundreds of thousands of routers produced by a Latvian network hardware firm MikroTik are still vulnerable to at least one of four vulnerabilities that are over a year old. These vulnerabilities are most likely being used by attackers as their operational infrastructure. Approximately 94% of the 2 million routers deployed

Read More