Common Vulnerabilities and Exposures (CVE) stories - Page 13

Trend Micro discovers critical vulnerability in Samba file sharing protocol, advises urgent patching for affected organisations.

Supply chain attacks on SAP software distribution process allow internal attackers to intervene undetected, says SecurityBridge. A patch has been released.

WordPress vulnerabilities have more than doubled in 2021, with 77% of them being exploitable, according to Risk Based Security.

Ransom DDoS attacks increased by 29% YoY and 175% QoQ in the last quarter 2021, according to new research from Cloudfare.

Sophos has released details of a novel exploit that bypasses a patch for a critical vulnerability affecting the Microsoft Office file format.

Flaws in smartphone chip used in 37% of world's smartphones could enable eavesdropping or hiding malicious code, says Check Point Research.

Vulnerability in Cisco ASA and Cisco FTD firewalls discovered by Positive Technologies researcher, could lead to denial of service. Install updates.

Microsoft Defender vulnerability poses significant threat, warns Virsec. With 55 vulnerabilities in total, it is deemed the most concerning by experts.

ExtraHop has expanded decryption support for Microsoft authentication and application protocols, providing high fidelity detection of malicious activity.

BlackBerry has announced a new technology integration between Okta's Identity Cloud and BlackBerry Spark unified endpoint management.

Imperva launches free cloud data security assessment for Amazon RDS databases, allowing teams to quickly identify compliance issues.

Vulnerabilities in Wincor Cineo ATMs allow attackers to bypass encryption and make cash withdrawals, according to researchers.

Kaspersky uncovers zero-day exploit for Windows OS, used in attacks by IronHusky group. Patched by Microsoft on October 12.

The partnership will address the increasing complexity and growing cybersecurity threats among multi-tiered software supply chains.

Over 90% of malware arrived through encrypted connections in Q2 2021, highlighting the need for strong endpoint protection, says WatchGuard.

Researchers have identified a new, previously unknown group that has systematically attacked Russia's fuel and energy complex and its aviation industry.

The vulnerabilities currently putting Azure customers at risk are just the latest in a staggering number of crippling threats in internet software.

HackerOne introduces new features for its security intelligence services, including a worldwide top 10 ranking table and CVE Exploitation Index.

A patch is currently available for this vulnerability, however many sysadmins are potentially unaware they have the OMI product installed and are at risk. .

More than half of cyberattacks start with password brute force and vulnerability exploitation, according to new research by Kaspersky.