Security vulnerabilities stories
Supply chain attacks on SAP software distribution process allow internal attackers to intervene undetected, says SecurityBridge. A patch has been released.
SonicWall and Australia's ACSC are urging all businesses using SonicWall SMA 100 Series appliances to patch the devices as soon as possible.
Log4j vulnerability prompts urgent action from security leaders. Gartner's Jonathan Care explains risks and steps to take.
Datto is encouraging all MSPs to download a free script developed and made available on GitHub for any Remote Monitoring and Management solution.
Only 70% of organizations have scanned for the Log4Shell vulnerability, leaving 10% of assessed assets vulnerable, warns cybersecurity firm Tenable.
Log4J software bug, aka Log4Shell, sparks concern as it affects various platforms. Norton Labs offers advice on protecting systems and applications.
Sophos warns of a surge in cyberattacks exploiting the Apache Log4Shell vulnerability, with attempts exceeding hundreds of thousands so far.
Team82 and JFrog discover 14 vulnerabilities in the latest version of BusyBox, affecting OT and IoT devices running on Linux.
Microsoft Defender vulnerability poses significant threat, warns Virsec. With 55 vulnerabilities in total, it is deemed the most concerning by experts.
API vulnerabilities pose a significant risk to companies and individuals worldwide, according to new research by Akamai Technologies.
Vulnerabilities in Wincor Cineo ATMs allow attackers to bypass encryption and make cash withdrawals, according to researchers.
Invicti, the cybersecurity firm, has combined web application security expertise from its 2018 merger of Netsparker and Acunetix. .
Apple has urgently released patches for multiple software products due to vulnerabilities that may be linked to the Pegasus spyware.
Privacy Commissioner John Edwards named preferred candidate for UK Information Commissioner, pending UK Parliament's decision.
The average time to remediate the most severe vulnerabilities in an organisation's IT infrastructure has now reached 256 days.
Ivanti has acquired risk-based vulnerability management specialist RiskSense to enhance its patch management capabilities.
Positive Technologies reveals critical vulnerability in SonicWall Network Security Manager, allowing authenticated attackers full control.
The solution, Runecast Analyzer, provides configuration and security compliance analysis for AWS and Azure cloud, Kubernetes clusters and VMware SDDCs.
A security researcher from CanIPhish.com has discovered over 200 well-known Australian corporations with email security vulnerabilities.
The widely-used java logging library, log4j, has been actively exploited, according to an update from CERT NZ and Catalyst.