News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: weak points

Update: EZVIZ cameras with vulnerabilities
September 28, 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Bitdefender recently published and described the vulnerabilities in 10 million EZVIZ cameras and called for the firmware to be updated. EZVIZ itself comments on this and thanks for the cooperation with Bitdefender and requests the customers to update via push notifications. BitDefender has diagnosed three security vulnerabilities in five product models of EZVIZ cameras and described them in detail. To fix the vulnerabilities (CVE-2022-2471, CVE-2022-2472) on the products and one on the cloud platform, EZVIZ has released an updated firmware. Since September 14, 2022, the public safety notice has been available on the company website at EZVIZ....

Read more

Vulnerabilities in remote iBoot power distributors
September 24, 2022
| No comments
| PR News
Vulnerabilities in remote iBoot power distributors

This could cause power failures remotely: Team82 discovers vulnerabilities in iBoot power distribution units. Almost a third of all Power Distribution Units (PDU) that can be controlled via the Internet are devices from iBoot manufacturer Dataprobe. They are also found in powered switches. Security researchers at Team82, the research arm of cyber-physical systems (CPS) security specialist Claroty, have disclosed multiple vulnerabilities in iBoot-PDU, Dataprobe's intelligent power distribution unit (PDU). The PDUs can be managed from any location via a web-based interface or a cloud-based platform. Matching code ensures shutdown By exploiting the vulnerabilities,…

Read more

Dangerous vulnerabilities in Thunderbird and Firefox
September 22, 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Mozilla publishes new vulnerabilities in Thunderbird, Firefox and Firefox ESR and rates them as Important. Users or company admins should ensure quick updates, as there is a risk that malicious code can be executed. In the list of vulnerabilities, these are all classified as “high” in terms of danger. After that, only Critical comes as the highest level. Mozilla defines it this way: “Vulnerabilities can be used to collect sensitive data from websites in other windows or to inject data or code into these websites, requiring no more than normal browsing actions.” It sounds…

Read more

Uber hacked: access to internal systems and vulnerability reports stolen
September 19, 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Transportation service provider Uber suffered a cyberattack in which a suspected 18-year-old hacker downloaded vulnerability reports from HackerOne and shared screenshots of the company's internal systems, email dashboard and Slack server. The screenshots shared by the hacker appear to show full access to many of Uber's critical IT systems, including the company's security software and Windows domain. Uber attacker had full access The attacker also hacked the Uber Slack server, which he used to send messages to employees saying the company was hacked. However, screenshots from Uber's Slack show…

Read more

XIoT Report: over 50 percent more IoT vulnerabilities
September 19, 2022
| No comments
| Stories
XIoT Report: over 50 percent more IoT vulnerabilities

Team1's State of XIoT Security Report: 2022H 82 shows an increase in IoT vulnerabilities, vendor self-identified vulnerabilities, and fully or partially fixed firmware vulnerabilities. On average, 125 XIoT vulnerabilities are published and fixed per month. Disclosures of vulnerabilities in IoT devices increased by 2022 percent in the first half of 57 compared to the previous six months. This is shown by the new State of XIoT Security Report: 1H 2022 from Claroty, the specialist for the security of cyber-physical systems (CPS). In the same period, the manufacturers themselves…

Read more

Vulnerability Search: Hacking-as-a-Service for Enterprises
September 16, 2022
| No comments
| PR News
Vulnerability Search: Hacking-as-a-Service for Enterprises

Citadelo now offers penetration tests as "Hacking-as-a-Service" (HaaS). With the hacker subscription, the cyber security specialist wants to ensure more cyber security and IT stability in companies across Europe by detecting weak points several times a year. In Citadelo's experience, only a fraction of the organizations in the DACH region conduct security checks at all. And if so, then usually only once a year - often in the fourth quarter. "At Citadelo, we believe this approach is a methodological error," explains Mateo Meier, member of the Citadelo Executive Board. "Hackers try all year...

Read more

Extended cloud security to all application layers
September 15, 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Dynatrace, the "Software Intelligence Company", has expanded its application security module for more cloud security. It now detects and protects against vulnerabilities in runtime environments including Java Virtual Machine (JVM), Node.js and .NET CLR. Dynatrace now also supports applications based on the programming language Go. Its adoption has increased by 23 percent over the past year, making it one of the fastest growing programming languages. Real-time visibility and vulnerability assessments With these enhancements, the Dynatrace Platform is currently the only solution that offers real-time visibility and vulnerability assessments across the entire application stack. This includes custom code,…

Read more

Modern vulnerability management in IT and OT
September 7, 2022
| No comments
| PR News
Modern vulnerability management in IT and OT

The measurement and improvement of IT security has now arrived at many companies and is being pushed forward. The question of OT security, on the other hand, is still a closed book for many companies. OTORIO explains how IT and OT security can be promoted equally and what role vulnerability management and scoring play in this. What are the most efficient risk reduction measures that achieve the most effective risk reduction for a specific facility, process or an entire production facility? However, once the risk reduction measures are implemented and an acceptable residual risk remains, there is still more work to be done. The reason for this is,…

Read more

Trend Micro's Zero Day Initiative uncovers many vulnerabilities
August 31, 2022
| No comments
| Short news
Trend Micro News

Zero-day vulnerabilities are software vulnerabilities for which no patch exists to prevent exploitation of the vulnerability. According to the study, the Trend Micro Zero Day Initiative (ZDI) found 2021 percent verified security gaps in 64 - much more than providers such as Cisco, Google or Fortinet. If the vulnerability is discovered by an attacker, this can have far-reaching consequences. The zero-day vulnerabilities "Hafnium" and "Log4Shell", which became known in 2021, were particularly drastic for many German companies. But even in the first half of 2022, there were already 18 zero-day vulnerabilities that were successfully exploited by cybercriminals - including...

Read more

CISA: PAN-OS vulnerability warning
August 30, 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The US Agency for Cyber ​​Security and Infrastructure Security (CISA) has included a newly found vulnerability with high severity in the operating system PAN-OS in the catalog of exploitable vulnerabilities. PAN-OS controls Palo Alto Networks firewalls. The Palo Alto Networks vulnerability recently found in PAN-OS has been filed with CISA as security problem CVE-2022-0028. The identified risk has a high severity rating of 8,6 out of 10 as it allows a remote threat actor to deploy enhanced Denial of Service (DoS) attacks without requiring authentication. Patches released for PAN-OS versions Several versions of PAN-OS are vulnerable to CVE-2022-0028….

Read more

© 2024 MedPressIT GbR
Cookie Settings