News

Latest news on the subject of B2B cyber security >>> PR agencies: Add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: weak points

Chinese cyber attackers target zero-day vulnerabilities
28 March 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Found zero-day vulnerabilities are often exploited by individual APT groups. According to Mandiant, Chinese cyberattackers are targeting more and more zero-day vulnerabilities. The report documents the role of the groups and the vulnerabilities exploited. Mandiant's new Fortinet vulnerability report reveals that routers and internet-connected devices on corporate networks are inadequately protected against cyberattacks. There are simply not enough tools to protect these systems. Chinese spies at work Suspected Chinese spies exploited a zero-day vulnerability with a new type of malware designed specifically for network security devices. Even devices used by government and…

Read more

SAP patches close serious security gaps
20 March 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

On its patch day, SAP published a list of 19 new security gaps and related updates. This is also necessary because the list contains two critical vulnerabilities with CVSS scores of 9.9 out of 10 and three other critical vulnerabilities with CVSS 9.6 to 9.0. As almost every month, it is worth taking a look at the SAP Patch Day Blog. The month of March 2023 again shows a large list of security gaps. According to the Common Vulnerability Scoring System - CVSS - 19 of the 5 security gaps listed and the corresponding updates are...

Read more

Top malware in Q1-2023: Qbot, Formbook, Emotet
20 March 2023
| No comments
| Stories
Top malware in Q1-2023: Qbot, Formbook, Emotet

Check Point's Spring 2023 Global Threat Index shows Qbot, Formbook, and Emotet malware as the most threatening, HTTP Headers Remote Code Execution vulnerability on the rise, and retail as an industry most under attack. Check Point has published its Global Threat Index for January 2023. Qbot, a sophisticated Trojan that steals banking information and keystrokes, remains at the top. Emotet slips to third place in Germany. With regard to sectors and areas, retail was attacked in Germany in particular. Maya Horowitz, VP Research at...

Read more

Critical vulnerabilities in Lexmark printers
18 March 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The manufacturer of corporate printers Lexmark has once again warned its users of critical vulnerabilities. In dozens of its models there are four vulnerabilities in the firmware with a CVSSv3 score of 9.0, one 8.5 and one 8.0 out of 10. Users should update the firmware accordingly. A few weeks ago, Lexmark had to ask many of its users to update the firmware for many of its printers. Now there is already a large number of dangerous vulnerabilities. The update is recommended for companies and administrators, as the CVSSv3 values ​​​​are 9.0 out of 10 in four cases and are classified as critical…

Read more

70 percent of XIoT vulnerabilities critical or high
15 March 2023
| No comments
| Stories
70 percent of XIoT vulnerabilities critical or high

The new State of XIoT Security Report: 2H 2022 shows that 71 percent of vulnerabilities were rated with a CVSS v3 score of “critical” (9,0-10) or “high” (7,0-8,9). Almost two-thirds of XIoT vulnerabilities can be exploited remotely. Vulnerabilities in cyber-physical systems that became known in the second half of 2022 have decreased by 2021 percent since the peak in the second half of 14. At the same time, vulnerabilities discovered by internal research and product security teams have increased by 80 percent over the same period. Sharp increase in XIoT vulnerabilities This is shown by the new State of XIoT Security Report: 2H…

Read more

Study: Obstacles to Cyber ​​Resilience
3 March 2023
| No comments
| Stories
Study: Obstacles to Cyber ​​Resilience

The IDC study "Building the Case for a Virtuous Cycle in Cybersecurity" calls for the introduction of a "virtuous cycle" model in its analysis for more cyber resilience in order to close critical security gaps. The study also highlights that AI may be the solution for improved detection and response. The biggest challenge for cybersecurity professionals is managing the large amounts of data they receive from various alert systems. They struggle to prioritize and contextualize these effectively. They also find it difficult to identify the key measures needed to effectively contain threats and vulnerabilities...

Read more

Container images: 87 percent with high-risk vulnerabilities
1 March 2023
| No comments
| Stories
Container images: 87 percent with high-risk vulnerabilities

According to the Sysdig study, 87 percent of container images are said to have high-risk vulnerabilities. The 2023 Cloud-Native Security and Usage Report finds massive risk in the supply chain, along with more than $10 million in wasteful spending on large-scale cloud deployments. Sysdig, the leader in cloud and container security, announces the results of the "Sysdig 2023 Cloud-Native Security and Usage Report". The report, which focuses on two themes this year, shows that supply chain risk and readiness to implement a Zero Trust architecture are the top unresolved security issues in cloud and container environments...

Read more

Microsoft DCOM hardening tool discovers vulnerabilities
14 February 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Open-source detection tool uncovers vulnerabilities in DCOM ahead of Microsoft's March 2023 patch. Users can quickly determine if their networks contain unsecured DCOM made unusable by the new Microsoft patch. OTORIO has released the open-source Microsoft Distributed Component Object Model (DCOM) Hardening Toolkit. The aim is to protect OT systems from possible problems related to an upcoming Microsoft patch. Because Microsoft itself writes: “14. March 2023, hardening changes are enabled by default with no option to disable them. At this point, you must resolve any compatibility issues with the hardening changes and applications in your environment." Test,…

Read more

Top List for Malware, Vulnerabilities, Attacks
28 January 2023
| No comments
| PR News
Top List for Malware, Vulnerabilities, Attacks

Check Point Software has released its latest Global Threat Index for December 2022. In terms of malware, QBot has now overtaken Emotet, the Web Server Exposed Git Repository Information Disclosure is the most widely exploited vulnerability, and attackers continue to target the education and research sectors most. Qbot, a sophisticated Trojan that steals bank details and keystrokes, overtook Emotet on its return last month to become the most prevalent malware, affecting 13,49 percent of businesses in Germany. Emotet rises to second place with 5,12 percent...

Read more

Security: Bosses fall for phishing the most
27 January 2023
| No comments
| PR News
Security: Bosses fall for phishing the most

While decision-makers and bosses expect employees to have a high level of cyber security awareness, they most often fall for phishing, use bad passwords or share them outside of the company. An interesting Ivanti study. The security provider Ivanti has published the results of the international study "State of Security Preparedness 2023". Accordingly, German companies are only partially able to effectively fend off attacks. There are major gaps, especially in the areas of patch management and protection against attacks via the supply chain. For the study, Ivanti recruited 6.500 employees worldwide from three functional levels...

Read more

© 2023 MedPressIT GbR
Cookie Settings