News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: weak points

Google Chrome: Update closes 20 vulnerabilities
July 22, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Many highly dangerous vulnerabilities have again been found via Chrome's bug bounty program. The current Chrome update to version 115.0.5790.98/99 closes 20 vulnerabilities - 4 of which are classified as "highly dangerous" The current Chrome update contains a total of 20 updates, including 4 updates for highly dangerous vulnerabilities. In companies, the admins ensure that Chrome remains up to date. Individual companies and SMEs should definitely click in the help area - the further update happens automatically. Work PCs often run through and as long as the browser is not closed and reopened, no update happens! Chrome version 115.0.5790.98/99 closes gaps…

Read more

New vulnerabilities: OneNote, macros, UEFI
July 9, 2023
| No comments
| PR News
New vulnerabilities: OneNote, macros, UEFI - Photo by AltumCode on Unsplash

The threat report shows new attack methods: Cyber ​​criminals exploit UEFI vulnerabilities and misuse Microsoft file formats to circumvent macro security functions. The number of IT attacks averted is stagnating at a high level. This emerges from the current threat report from G DATA CyberDefense. There are numerous vulnerabilities that cybercriminals consistently exploit. How UEFI bootkits disable security features and make systems vulnerable. Another scam used by attackers is manipulated OneNote or Publisher files that contain malware. Vulnerabilities are exploited immediately The current threat report from G DATA CyberDefense proves that attackers quickly react to a changed situation...

Read more

BSI: Critical 9.8 vulnerabilities in Nessus vulnerability scanner
July 6, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The Federal Office for Information Security (BSI) warns of critical 9.8 vulnerabilities in Nessus, the vulnerability scanner, which can check not only known vulnerabilities but also software patch levels and configurations. According to Tenable, a quick update is recommended. According to Tenable, the makers of the Nessus Network Monitor vulnerability scanner, the platform uses third-party software to provide certain functionality. Now, the company has discovered that several third-party components have many highly dangerous and even critical vulnerabilities. Therefore, the providers have made an updated version available. Fix 174 vulnerabilities with one version The…

Read more

AI-powered cybersecurity analysis for vulnerabilities
July 6, 2023
| No comments
| AI, ML, new technology, PR News
AI-assisted cybersecurity analysis for vulnerabilities - Image by DIY Team on Pixabay

With the Vantage IQ solution, Nozomi Networks has the first AI-powered solution for analyzing and responding to security vulnerabilities and resource limitations in mission-critical operational infrastructures. It allows these gaps and limitations to be quickly addressed. Vantage IQ is available as an add-on to Vantage, Nozomi Networks' SaaS-based security management platform. It provides actionable insights into real-world threats and how to address them, leveraging artificial intelligence (AI) and machine learning (ML). This advanced human-machine collaboration strengthens the cybersecurity and resilience of organizations with critical infrastructures. At the same time it helps...

Read more

MOVEit Disaster: 3rd Vulnerability - Run 3rd Patch!
June 16, 2023
| No comments
| PR News
MOVEit Disaster: 3rd Vulnerability - Run 3rd Patch!

Manufacturer Progress Software has just released the 2nd update for MOVEit Transfer and MOVEit Transfer Cloud, so the company is now quickly adding a patch for a 3rd vulnerability. Just one day earlier, it was said that no further vulnerabilities were expected. Again it is a SQL injection vulnerability - a patch is essential! The report on the 2nd vulnerability has just appeared here on B2B-Cyber-Security.de, and there is a report on the 3rd vulnerability right away. Companies using MOVEit Transfer must patch the vulnerability. The right patch is already available...

Read more

BSI reports: FortiOS with highly dangerous vulnerabilities
June 15, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

In its security warning WID-SEC-2023-1438, the BSI reports that attackers can use several vulnerabilities to carry out a DoS attack in Fortinet FortiOS or to implement any code. Fortinet's Product Security Incident Response Team (PSIRT) provides update guidance. The BSI's report on the vulnerabilities in FortiOS links directly to Fortinet's Product Security Incident Response Team (PSIRT). There the high risk vulnerabilities are listed with CVSSv3 scores of 6,4, 7,3 and 8,3. However, the BSI writes of an 8,8 rating. FortiOS vulnerability: Attackers can launch DoS attack This means the vulnerabilities and…

Read more

BSI warns: Thunderbird with highly dangerous 7,8 vulnerabilities
June 14, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Experts and specialists have found highly dangerous vulnerabilities in Thunderbird that are classified as highly dangerous according to CVSS with a value of 7,8. The CVE-2023-34416 and CVE-2023-34414 vulnerabilities contain a memory security flaw and allow clickjacking. An update to version 102.12 ends the danger. The popular e-mail client Thunderbird has two vulnerabilities that are considered highly dangerous with a CVSS value of 7,8. The BSI has also communicated the security information under number WID-SEC-2023-1414. The bugs are easy to fix. An update to Thunderbird version 102.12 is sufficient. However, many users and companies have the default setting for Thunderbird...

Read more

Qbot remains top malware
30 May 2023
| No comments
| PR News
Qbot remains top malware

The Qbot campaign, which occurred last month, uses a new delivery method in which an email is sent to the target individuals along with an attachment containing protected PDF files. Once these are downloaded, the Qbot malware will be installed on the device. The researchers found that the malspam was sent in multiple languages, meaning organizations could be targeted worldwide. Mirai, one of the most popular IoT malware, also made a comeback last month. Researchers discovered that Mirai exploits a new zero-day vulnerability (CVE-2023-1380) to attack TP-Link routers and add them to its botnet, which is used for some of the most distributed...

Read more

Vulnerabilities in Netgear Nighthawk RAX30 routers
27 May 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

A combination of five vulnerabilities in Netgear Nighthawk RAX30 routers allows attackers to monitor and manipulate Internet traffic and take over connected smart devices. Security researchers from Team82, the research department of cyber-physical systems (CPS) security specialist Claroty, have discovered five vulnerabilities in the widely used Netgear Nighthawk RAX2 router as part of the Pwn30Own competition. Vulnerability set opens the door Successful exploitation of this vulnerability set allows attackers to monitor users' Internet activities, hijack Internet connections and redirect traffic to malicious websites or inject malware into network traffic. Over and beyond…

Read more

Well-known vulnerabilities remain unnoticed
25 May 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Earlier this week, CISA announced that it had added new Linux vulnerabilities to its catalog, warning that they are being actively exploited. Recent additions to the Cybersecurity and Infrastructure Security Agency's (CISA) Catalog of Vulnerabilities Exploited (KEV) include multiple vulnerabilities in the Linux kernel, as well as other vulnerabilities dating back more than 12 years. While the exact details of how these vulnerabilities were exploited, whether recent or historical, are unknown, there is a trend in which cybercriminals have been successfully targeting known vulnerabilities, particularly those with…

Read more

© 2024 MedPressIT GbR
Cookie Settings