News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: weak points

Discovered: Criminal hackers with hacking competitions
11 October 2023
| No comments
| Short news, Sophos
SophosNews

Sophos X-Ops uncovers hacker research competitions on criminal online forums to innovate and overcome security hurdles in a new report. These cybercriminal research competitions also award individual prizes of up to $80.000. Sophos X-Ops describes in its new report “For the win? Offensive Research Contests on Criminal Forums” Hacker research contests conducted by cybercrime forums to drive new attack innovations. The competitions focus on new attack and evasion methods and reflect cybercrime trends such as taking down AV/EDR, cryptocurrency fraud and setting up command-and-control infrastructures. Hacker groups compete to find new…

Read more

Eliminate threats with EDR and AI
September 30, 2023
| No comments
| PR News
Eliminate threats with EDR and AI

Endpoint detection and response (EDR) and AI-driven tools can be used to close vulnerabilities and reduce threat response times. Malwarebytes launches EDR Extra Strength. The new solution is based on Malwarebytes' decades of experience in threat detection and prevention and provides a simple, step-by-step interface to eliminate threats. Multiple data breaches at 83% of all companies in 2022 Successful cyberattacks remain widespread despite widespread use of standard endpoint security solutions: 83 percent of all companies had data breaches last year, according to Verizon's 2022 Data Breach Investigations Report...

Read more

Microsoft Patchday is becoming increasingly important
September 18, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Microsoft's Patch Tuesday is already a classic, but it is becoming increasingly important. Companies should therefore always patch the systems immediately. Two current zero-day vulnerabilities are not rated extremely high with a CVSSv3 score of 6.2 and 7.8, respectively, but they are currently being attacked because they are so widespread. This month's Patch Tuesday includes fixes for 61 CVEs, five of which are rated critical, 55 rated important, and one rated moderate. Microsoft has also fixed two zero-day vulnerabilities that have already been exploited in the wild….

Read more

WinRAR vulnerability is already being exploited
September 17, 2023
| No comments
| Short news, TrendMicro
Trend Micro News

There have been signs of a new trend in the criminal scene for some time now. The search for vulnerabilities continues. But especially in widely used non-standard software, as updating becomes more difficult. The most recent example is the compression tool WinRAR. A comment from Trend Micro. In a statement published on August 02nd, the manufacturer RARLAB described two notable vulnerabilities whose exploitation has already been proven and/or is relatively easy to exploit. The vulnerability CVE-2023-38831 describes that malware can be “smuggled” into specially prepared archives, while CVE-2023-40477 allows code to be executed on a...

Read more

China: Companies must report vulnerabilities – hackers are already waiting
September 12, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

By law, companies in China - including foreign ones - are obliged to immediately report vulnerabilities in systems and errors in codes to a government agency. However, experts warn that China uses state-controlled hackers and could use the information about the vulnerabilities to gain almost unhindered access to companies' systems. The Atlantic Council think tank has published a report analyzing the new Chinese regulation that requires companies to report security vulnerabilities and errors in code to a government Ministry of Industry and Information Technology (MIIT) within 48 hours.

Read more

Cybercrime costs Germany 206 billion euros
September 10, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Cybercrime such as the theft of IT devices and data as well as digital espionage, industrial espionage and sabotage will cost Germany around 2023 billion euros in 206, as Bitkom announced on Friday. The damage will exceed the 200 billion euro mark for the third year in a row, according to a Bitkom survey of more than 1.000 companies. “The German economy is a highly attractive target for criminals and hostile states. The boundaries between organized crime and state-controlled actors are fluid,” explained Bitkom President Ralf Wintergerst. Prevention as a challenge for security teams “The threat of cyber attacks has never been...

Read more

New ransomware and self-replicating worm discovered
August 22, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Unit 42, the research team at Palo Alto Networks, has published a research report on a new peer-to-peer (P2P) worm targeting the cloud, dubbed P2PInfect. This worm targets vulnerable Redis systems with container-effective exploits. At the same time, Unit 42 also published a report on Mallox ransomware. Researchers observed an almost 50 percent increase in activity, with MS-SQL servers being exploited to spread the ransomware. On July 11, 2023, Unit 42 cloud researchers discovered a new peer-to-peer (P2P) worm they dubbed P2PInfect. This – in the…

Read more

Zero Day Initiative: 1.000 vulnerability reports published
August 21, 2023
| No comments
| Data Security & Backup, Stories, TrendMicro
Zero Day Initiative: 1.000 vulnerability reports published

The Zero Day Initiative published over 1 vulnerability reports in the first half of 2023. Among the vulnerabilities are critical Microsoft zero-days. Initiator of the Zero Day Initiative Trend Micro warns of more and more faulty or incomplete patches. Trend Micro, one of the world's leading providers of cybersecurity solutions, announces that its Zero Day Initiative (ZDI) has already published over 1.000 notices ("advisories") on individual vulnerabilities in IT products this year. Against this background, the company warns that incorrect or incomplete patches are being published more and more frequently or that the manufacturers concerned are secretly...

Read more

BSI: Industrial routers and PLCs with critical vulnerabilities
August 9, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

According to BSI: The well-known PLC manufacturer Phoenix Contact has to report a whole series of critical and highly dangerous vulnerabilities in its industrial products: TC ROUTER and TC CLOUD CLIENT, WP 6xxx web panels and in PLCnext control modules. The BSI - Federal Office for Information Security warns of critical and highly dangerous security gaps in the industrial routers TC ROUTER and TC CLOUD CLIENT from the manufacturer Phoenix Contact and calls for immediate action. The manufacturer itself also reports other critical gaps in its WP 6xxx web panels and also in PLCnext control modules. Vulnerable industrial control systems TC ROUTER,…

Read more

Report: High vulnerability rates in government applications
July 23, 2023
| No comments
| PR News
Report: High vulnerability rates in government applications

The 13th edition of the State of Software Security Report, publishes the trends in the software landscape and how security practices are evolving. Some of the results are worrying: 82 percent of applications developed in the public sector had at least one security vulnerability discovered, compared to 74 percent in private companies. The State of Software Security study shows that applications for the public sector tend to have more security vulnerabilities than applications for the private sector. The higher number of errors and vulnerabilities in applications correlates with an increased security risk. The study was carried out against the background...

Read more

© 2024 MedPressIT GbR
Cookie Settings