News


70 percent of XIoT vulnerabilities critical or high

The new State of XIoT Security Report: 2H 2022 shows that 71 percent of vulnerabilities were rated with a CVSS v3 score of “critical” (9.0-10) or “high” (7.0-8.9). Almost two-thirds of XIoT vulnerabilities can be exploited remotely. Vulnerabilities in cyber-physical systems that became known in the second half of 2022 have decreased by 14 percent since the peak in the second half of 2021. At the same time, vulnerabilities discovered by internal research and product security teams have increased by 80 percent over the same period. Sharp increase in XIoT vulnerabilities This is shown by the new State of XIoT Security Report: 2H…


Study: Obstacles to Cyber Resilience

The IDC study "Building the Case for a Virtuous Cycle in Cybersecurity" calls for a "virtuous cycle" model to improve cyber resilience and close critical security gaps. The study also highlights that AI may be the solution for improved detection and response. The biggest challenge for cybersecurity professionals is managing the large amounts of data they receive from various alert systems. They struggle to prioritize and contextualize these alerts effectively. They also find it difficult to identify the key measures needed to effectively contain threats and vulnerabilities...


Container images: 87 percent with high-risk vulnerabilities

According to the Sysdig study, 87 percent of container images are said to have high-risk vulnerabilities. The 2023 Cloud-Native Security and Usage Report finds massive risk in the supply chain, along with more than $10 million in wasteful spending on large-scale cloud deployments. Sysdig, the leader in cloud and container security, announces the results of the "Sysdig 2023 Cloud-Native Security and Usage Report". The report, which focuses on two themes this year, shows that supply chain risk and readiness to implement a Zero Trust architecture are the top unresolved security issues in cloud and container environments...


Microsoft DCOM hardening tool discovers vulnerabilities
B2B Cyber Security ShortNews

Open-source detection tool uncovers vulnerabilities in DCOM ahead of Microsoft's March 2023 patch. Users can quickly determine whether their networks contain unsecured DCOM that the new Microsoft patch will make unusable. OTORIO has released the open-source Microsoft Distributed Component Object Model (DCOM) Hardening Toolkit. The aim is to protect OT systems from possible problems related to an upcoming Microsoft patch. As Microsoft itself writes: “March 14, 2023: hardening changes are enabled by default with no option to disable them. At this point, you must resolve any compatibility issues with the hardening changes and applications in your environment." Test,…


Top List for Malware, Vulnerabilities, Attacks

Check Point Software has released its latest Global Threat Index for December 2022. In terms of malware, QBot has now overtaken Emotet, the Web Server Exposed Git Repository Information Disclosure is the most widely exploited vulnerability, and attackers continue to target the education and research sectors most. Qbot, a sophisticated Trojan that steals bank details and keystrokes, overtook Emotet on its return last month to become the most prevalent malware, affecting 13.49 percent of businesses in Germany. Emotet rises to second place with 5.12 percent...


Security: Bosses fall for phishing the most

While decision-makers and bosses expect employees to have a high level of cyber security awareness, they most often fall for phishing, use bad passwords or share them outside of the company. An interesting Ivanti study. The security provider Ivanti has published the results of the international study "State of Security Preparedness 2023". Accordingly, German companies are only partially able to effectively fend off attacks. There are major gaps, especially in the areas of patch management and protection against attacks via the supply chain. For the study, Ivanti recruited 6,500 employees worldwide from three functional levels...


Chrome: New patches for security vulnerabilities
B2B Cyber Security ShortNews

All Chrome users should take the time to update to version 109.0.5414.119/.120. With the update, Google closes 4 security gaps, 2 of which are considered highly dangerous. An update is done quickly. A user and experts have found new vulnerabilities in Chrome and reported them to Google. Google reacted immediately and incorporated the patches into a new version. The official stable build is 109.0.5414.119/.120 for Windows and 109.0.5414.119 for Mac and Linux. Two Serious Vulnerabilities While the first vulnerability was found in the WebTransport (CVE-2023-0471) of the client-server transfer engine…


BSI warns: Multiple vulnerabilities in Microsoft Edge
B2B Cyber Security ShortNews

The BSI has issued a warning about vulnerabilities in the new Chromium-based web browser Edge. Users should update the browser on MacOS X or Windows, since attackers could execute arbitrary program code and escalate their privileges. The Federal Office for Information Security warns of two vulnerabilities in the new Chrome-based browser Edge. The vulnerabilities CVE-2023-21775 and CVE-2023-21796 are rated “High” with a CVSS Base Score of 8.3. Attackers could exploit the vulnerabilities to execute arbitrary program code and thus increase their privileges on the system. Open Edge...


Defense against container-based zero-day attacks

A new cloud-native security solution can stop zero-day attacks and shield critical production vulnerabilities until a patch can be applied. Aqua Security introduces the eBPF Lightning Enforcer. Powered by new eBPF technology, Lightning Enforcer provides full visibility into running workloads, making it easy for security professionals to identify and stop even advanced attacks in real time. Shift Left is an important factor in preventing vulnerabilities, misconfigurations, and software supply chain threats from entering production environments. However, sometimes this security approach is not enough. This has led to a…


2022: Hackers discover over 65,000 software vulnerabilities

New Hacker-Powered Security Report from HackerOne: Digital transformation and cloud migration are fueling the rise in security vulnerabilities. Ethical hackers uncovered over 65,000 software vulnerabilities in 2022, a 21 percent increase from the previous year. HackerOne, the security platform for Attack Resistance Management, today released its 2022 Hacker-Powered Security Report. The report shows that the HackerOne community of ethical hackers uncovered over 65,000 software vulnerabilities in 2022, a 21 percent increase from the previous year. 65,000 vulnerabilities fewer reports of vulnerabilities emerging during digital transformation projects recorded…
