News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Report highlights cyber threats to automotive industry
Report reveals cyber threats to automotive industry

Cyber ​​Threats: The 2023 VicOne Automotive Cyberthreat Landscape Report identifies the supply chain as the primary target of increasing cyberattacks on the automotive industry. This also shows a list of cyber-based trends and incidents that have threatened the automotive industry. VicOne has unveiled its new Automotive Cyberthreat Landscape Report 2023. The comprehensive annual report on cyber threats across the automotive industry is based on data from automotive original equipment manufacturers (OEMs), suppliers and dealers worldwide and includes the following key points: Evidence of growing use and monetization of automotive data - and the associated risk of exploitation by cybercriminals A list…

Read more

Centralized vulnerability detection platform
Centralized Vulnerability Detection Platform - AI MS

Horizon IOC: Check Point integrates a new platform into its IT security architecture. This means there is now central management of vulnerability detection for Horizon XDR/XPR and Playblocks. The innovative platform fits seamlessly into the Horizon architecture and can be easily integrated into the Horizon XDR/XPR and Playblocks products. The latter fill Horizon IOC automatically after the integration. With their help, Indicators of Compromise (IOC) can be evaluated much more easily than before. Consolidating data into one point Horizon IOC merges data from various sources, including other Check Point products, SOC teams, and…

Read more

Vulnerabilities in critical infrastructures
B2B Cyber ​​Security ShortNews

A global leader in cybersecurity solutions, today released “SIERRA:21 – Living on the Edge,” an analysis of 21 newly discovered vulnerabilities in OT/IoT routers and open source software components. The report was written by Forescout Research – Vedere Labs, which specializes in uncovering security vulnerabilities in critical infrastructure. The analysis highlights the ongoing risk to critical infrastructure and highlights possible mitigation measures. “SIERRA:21 – Living on the Edge” describes research on Sierra Wireless AirLink cellular routers and a number of associated open source components such as TinyXML and OpenNDS. Sierra Wireless Routers Are Popular: An Open Database on Wi-Fi Networks…

Read more

Researchers hack encrypted Bluetooth connections
B2B Cyber ​​Security ShortNews

Researchers at Eurecom University in the south of France have discovered Bluetooth vulnerabilities and developed attacks for them. The so-called “BLUFFS” can be used to break into Bluetooth sessions, spoof the device identity and carry out man-in-the-middle attacks. The “BLUFFS” attacks by Eurecom researchers are tough: they rely on vulnerabilities in the structure of Bluetooth. Daniele Antonioli, Assistant Professor at Eurecom University, has discovered the possibilities for Bluetooth attacks that exploit previously unknown vulnerabilities in the Bluetooth standard. The vulnerabilities relate to how session keys are derived to decrypt data in exchange. Weak points in the Bluetooth architecture The defects found…

Read more

Veeam ONE: Hotfix for critical vulnerabilities is available 
B2B Cyber ​​Security ShortNews

Veeam is informing its users about two critical and two medium vulnerabilities in Veeam One for which patches are already available. The critical gaps have a CVSS v3 value of 9.9 and 9.8 out of 10. Those responsible should therefore act immediately. The vulnerabilities with the code CVE-2023-38547 and CVE-2023-38548 describe a high level of danger in Veeam ONE. The following versions are affected: Veeam ONE 12 P20230314 (12.0.1.2591) Veeam ONE 11a (11.0.1.1880) Veeam ONE 11 (11.0.0.1379) Two critical vulnerabilities in Veeam One The first vulnerability CVE-2023-38547 with a CVSS v3.1. 9.9:XNUMX in Veeam ONE allows an unauthenticated user to…

Read more

Identify vulnerabilities faster – reduce cyber risks
Reduce cyber risks: Tanium announces new modules

Tanium's new modules help you identify vulnerabilities more quickly and improve digital employee experiences. All of these points reduce cyber risks for companies. Tanium, endpoint management specialist, has added new Tanium Digital Employee Experience (DEX) features to its platform. This is a new module for XEM Core. The new products, features and updates are designed to expand Tanium's core capabilities and improve its performance and usability. The new features include: How the new functions for DEX automatically solve problems with digital…

Read more

Cyber ​​defense: This is how AI and humans can complement each other
Cyber ​​defense: This is how AI and humans can complement each other

AI is becoming increasingly important in cyber defense. But to what extent should companies leave their security to AI and what role should humans play in this? Finally, attackers are now using more and more AI techniques. For many companies, an attack on their infrastructure has long been a question of “when” instead of “if”. According to current statistics, attacks in Germany increased by 2022 percent in 27 compared to the previous year. According to a Bitkom study, 84 percent of companies in Germany have already fallen victim to a cyber attack, and just under...

Read more

FortiOS and FortiSandbox with highly dangerous vulnerabilities
B2B Cyber ​​Security ShortNews

Fortinet has published new security advisories on the vulnerabilities in FortiOS and FortiSandbox. The CVSS values ​​are between 7.3 and 7.9 and are therefore considered highly dangerous. IT security managers should make updates immediately. The highly dangerous vulnerabilities and the possible consequences are described in detail in Fortinet's security advisories. FortiOS - Improper Authorization via Prof-Admin Profile (CVSSv3 7.4) Issue: An improper authorization vulnerability in the WEB UI component of FortiOS could allow an authenticated attacker with the prof-admin profile to perform elevated actions. Solution: FortiOS 7.4 is not affected, FortiOS 7.2 7.2.0 to…

Read more

Manage vulnerabilities and attack surfaces
Manage vulnerabilities and attack surfaces

Since the attack surface is constantly growing in all companies, exposure management and weak point and vulnerability management are becoming increasingly important. The launch of ExposureAI adds new generative AI capabilities and services to the Tenable One exposure management platform. At the same time, the company is introducing “Tenable Exposure Graph,” a Snowflake-based data lake that feeds the ExposureAI engine. This unified data platform, encompassing more than a trillion unique exposures, IT assets and security findings (vulnerabilities, misconfigurations and identities) across IT, public cloud and OT environments, is the world's largest repository of contextual exposure data and...

Read more

Discovered: Criminal hackers with hacking competitions
SophosNews

Sophos X-Ops uncovers hacker research competitions on criminal online forums to innovate and overcome security hurdles in a new report. These cybercriminal research competitions also award individual prizes of up to $80.000. Sophos X-Ops describes in its new report “For the win? Offensive Research Contests on Criminal Forums” Hacker research contests conducted by cybercrime forums to drive new attack innovations. The competitions focus on new attack and evasion methods and reflect cybercrime trends such as taking down AV/EDR, cryptocurrency fraud and setting up command-and-control infrastructures. Hacker groups compete to find new…

Read more