Security vulnerabilities news stories - Page 1
Developments in phishing and how to protect your business
Phishing, the practice of sending malicious emails to encourage users to perform actions that benefit an attacker, is a key security concern for modern businesses due to its prevalence and impact.
NCSC, international partners issue cyber security advisory
The National Cyber Security Centre (NCSC) has issued a cyber security advisory in collaboration with its international partners detailing common vulnerabilities and exposures.
Attacks on critical infrastructure continue - Trellix report
“We’re at a critical juncture in cybersecurity and observing increasingly hostile behaviour across an ever-expanding attack surface."
Vulnerabilities on the rise - public sector at risk
New Invicti Research has found that vulnerabilities are rising, and that government and education sectors are particularly at risk.
Widespread threats increase by 38% in 2021 - Rapid7 report
Rapid7 has released its latest Vulnerability Intelligence Report detailing the most significant security vulnerabilities and cyber attacks in 2021.
Four ways to secure cloud workloads and your crown jewels
Organisations need to understand what makes cloud workloads so vulnerable, how attacks play out and why adopting runtime protection is the best practice approach.
The patch management challenge
We all know that patching is important, so why is the physical process for updating systems across the enterprise still so difficult?
New report shows increase of ICS vulnerabilities in critical infrastructure
The amount of Industrial Control System (ICS) vulnerabilities in critical infrastructure sectors have been found to have increased by 110% over the last four years, according to a new report by Claroty.
Five cyber threat trends and what they mean to your business
The recent Russia-Ukraine crisis has unearthed the worrying possibilities of widespread cybersecurity threats, further highlighting the importance of the role threat intelligence plays in protecting infrastructure.
Kaspersky uncovers multiple vulnerabilities in wearable tracking technology
Kaspersky's researchers have found 33 vulnerabilities in the most commonly used protocol for transferring data from wearable devices worn by patients for remote monitoring.
Qualys adds advanced remediation capabilities to Cloud Platform
The new update enables organisations to fix asset misconfigurations, patch OS and third-party applications, and deploy custom software.
Nucleus Security teams up with Mandiant to enhance vulnerability management programs with threat intelligence
Nucleus Security has entered into a strategic partnership with Mandiant, the leader in dynamic cyber defense and response.
Container adoption approaching maturity at expense of security best practices
More than 75% of running containers have vulnerabilities, partly as a result of ignoring security and operational best practices.
Supply chain vulnerability identified in SAP transport system
SecurityBridge has identified a methodology that allows internal attackers without privileged rights to intervene undetected in the SAP software distribution process.
Vulnerabilities pose danger to SonicWall SMA 100 remote access appliances
SonicWall and Australia’s ACSC are urging all businesses using SonicWall SMA 100 Series appliances to patch the devices as soon as possible.
Hundreds of Australian corporations identified with email security vulnerabilities
A security researcher from CanIPhish.com has discovered over 200 well-known Australian corporations with email security vulnerabilities.
Gartner explains what security leaders need to know, and do, about Log4j
Jonathan Care explains some risks the vulnerability poses for organisations and the steps security leaders should take to secure their enterprise systems against potential associated threats.
A new tool to help the MSP community combat Log4j
Datto is encouraging all MSPs to download a free script developed and made available on GitHub for any Remote Monitoring and Management solution.
1 in 10 servers and web apps vulnerable to Log4Shell
According to telemetry data from cybersecurity company Tenable, as of the 21st of December 2021, only 70% of organisations have even scanned for the Log4Shell vulnerability.
What is Log4J and how does it affect you?
Norton Labs answers some common questions about the widespread software bug Log4J.
New threat intelligence from Sophos following the Apache Log4Shell vulnerability
Sophos has provided new threat intelligence following the reporting of the Apache Log4Shell vulnerability.
Log4j actively exploited, serious complications can occur according to CERT NZ
The widely-used java logging library, log4j, has been actively exploited, according to an update from CERT NZ and Catalyst.
Claroty and JFrog discover 14 vulnerabilities in Busybox
Team82 and JFrog have announced the discovery of 14 vulnerabilities affecting the latest version of BusyBox.
New Microsoft Defender vulnerability should concern every enterprise - expert
A vulnerability found in Microsoft Defender released under Patch Tuesday is the most concerning.