SAP, a German software maker, has announced the release of nine new security notes. The security patches were released as part of the company’s November Security Patch day, which includes fixes for two critical bugs. The critical flaws lie in BusinessObjects and SAPUI5. Additionally, the company released updates to two

Cybersecurity agencies that are located in the US, UK, Australia, and Canada have warned that Iranian state-sponsored hackers are exploiting Log4j vulnerabilities in ransomware campaigns. The alert was published earlier this week and claims that the Islamic Revolutionary Guard Corps (IRGC) was responsible for multiple attacks that leveraged the VMware

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added six previously identified flaws to its Known Exploited Vulnerabilities Catalog. The addition was made last week, and the vulnerabilities are a frequent attack vector for threat actors, the agency stated. The CISA also noted that the flaws, although old, post

A report commissioned by the Pentagon concluded that the blockchain is not decentralized, is vulnerable to attacks and is running outdated software. The report, “Are Blockchains Decentralized, Unintended Centralities in Distributed Ledgers”, uncovered that a subset of participants can “exert excessive and centralized control over the entire blockchain system.” The findings

Multiple sources have confirmed the discovery of a total of 56 vulnerabilities in OT products from 10 vendors, including popular companies Honeywell, Siemens, and Emerson. According to security researchers, most of the vulnerabilities are due to a lack of basic security mechanisms such as authentication and encryption. In addition, researchers

The US Cybersecurity and Infrastructure Security Agency (CISA) has identified 75 security vulnerabilities that pose a significant risk to its list of flaws that should be patched immediately. All of the vulnerabilities are known to be actively exploited, heightening the risk of an attack. For organizations, there are risks of

Cybersecurity researchers at NCC Group have found a critical flaw in Bluetooth Low Energy (BLE) receivers. The flaw may grant cyber criminals access to a range of devices, including phones, laptops, cars, and houses. NCC Group details how BLE uses proximity to authenticate that the user is within a close

Google Chrome security has experienced a busy past few weeks and there is no sign of slowing down. Just days after two emergency fixes for vulnerabilities being exploited in the wild and a record number of Chromium zero-days across 2021 was announced, Google has released another massive security update that

Security experts at Sophos have reported a recent scenario in which two competing threat groups deployed ransomware on the victim’s network simultaneously. One of the groups was the Russia-linked Conti APT while the other is known as Karma. Karma counts Russian IP addresses among some of its top targets. The

Hundreds of thousands of routers produced by a Latvian network hardware firm MikroTik are still vulnerable to at least one of four vulnerabilities that are over a year old. These vulnerabilities are most likely being used by attackers as their operational infrastructure. Approximately 94% of the 2 million routers deployed