Category: alerts
Category Added in a WPeMatico Campaign
-
80% of Global Enterprises Report Firmware Cyberattacks
A vast majority of companies in a global survey from Microsoft report being a victim of a firmware-focused cyberattack, but defense spending lags, but defense spending lags. Read more
-
Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack
Some legacy models of QNAP network attached storage devices are vulnerable to remote unauthenticated attacks because of two unpatched vulnerabilities. Read more
-
Building a Fortress: 3 Key Strategies for Optimized IT Security
Chris Hass, director of information security and research at Automox, discusses how to shore up cybersecurity defenses and what to prioritize. Read more
-
Vulnerability Summary for the Week of March 22, 2021
Original release date: March 29, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info apache — ofbiz Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz. 2021-03-22 7.5 CVE-2021-26295 MLIST CONFIRM MLIST MLIST MLIST apache —… Read more
-
Employee Lockdown Stress May Spark Cybersecurity Risk
Younger employees and caregivers report more stress than other groups– and more shadow IT usage. Read more
-
Vulnerability Summary for the Week of March 15, 2021
Original release date: March 22, 2021 | Last revised: March 24, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info adobe — creative_cloud_desktop _application Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call… Read more
-
AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
Original release date: March 18, 2021 Summary This Alert announces the CISA Hunt and Incident Response Program (CHIRP) tool. CHIRP is a forensics collection tool that CISA developed to help network defenders find indicators of compromise (IOCs) associated with activity detailed in the following CISA Alerts: AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical… Read more
-
Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data
A glitch in Zoom’s screen-sharing feature shows parts of presenters’ screens that they did not intend to share – potentially leaking emails or passwords. Read more
-
Cisco Plugs Security Hole in Small Business Routers
The Cisco security vulnerability exists in the RV132W ADSL2+ Wireless-N VPN Routers and RV134W VDSL2 Wireless-AC VPN Routers. Read more
-
Tutor LMS for WordPress Open to Info-Stealing Security Holes
The popular learning-management system for teacher-student communication is rife with SQL-injection vulnerabilities. Read more