vulnerabilities

  • Blog

    Five Eyes cyber agencies issue guidance on edge device vulnerabilities

    A host of cybersecurity agencies have teamed up to offer guidance on how to secure edge devices from ever-increasing threats. The advice covers network edge devices and appliances, such as firewalls, routers, virtual private networks (VPN) gateways, Internet of Things (IoT) devices, internet-facing servers and internet-facing operational technology (OT) systems. Issued by the UK’s National Cyber Security Centre (NCSC), CISA,…

    Read More »
  • Blog

    CISA Adds Four Vulnerabilities to Catalog for Federal Enterprise

    Welcome. Tell us a little bit about you. This will help us provide you with customized content. First Name Last Name Job Title Company Name Company Size Select a size 1 – 4 5 – 9 10 – 24 25 – 49 50 – 99 100 – 249 250 – 499 500 – 999 1000 – 4999 5000 – 9999…

    Read More »
  • Blog

    Google just fixed a zero-day kernel flaw used by hackers and 47 other vulnerabilities — update your Android phone right now

    Keeping your phone up to date and running the latest security patches is the easiest way to stay safe from hackers which is why if you own one of the best Android phones, you’re going to want to install the February 2025 Android security updates right away. As reported by BleepingComptuer, Google has released this month’s Android security updates which…

    Read More »
  • Blog

    QNAP fixes six Rsync vulnerabilities in NAS backup, recovery app

    QNAP has fixed six rsync vulnerabilities that could let attackers gain remote code execution on unpatched Network Attached Storage (NAS) devices. Rsync is an open-source file synchronization tool that supports direct file syncing via its daemon, SSH transfers via SSH, and incremental transfers that save time and bandwidth. It’s widely used by many backup solutions like Rclone, DeltaCopy, and ChronoSync,…

    Read More »
  • Blog

    SAP fixes critical vulnerabilities in NetWeaver application servers

    SAP has fixed two critical vulnerabilities affecting NetWeaver web application server that could be exploited to escalate privileges and access restricted information. As part of the January Security Patch Day, the vendor also released updates for other products to patch 12 additional issues rated with medium and high severity. “SAP strongly recommends that the customer visits the Support Portal and applies…

    Read More »
  • Blog

    New botnet exploits vulnerabilities in NVRs, TP-Link routers

    A new Mirai-based botnetis actively exploiting a remote code execution vulnerability that has not received a tracker number and appears to be unpatched in DigiEver DS-2105 Pro NVRs. The campaign started in October and targets multiple network video recorders and TP-Link routers with outdated firmware. One of the vulnerabilities used in the campaign was documented by TXOne researcher Ta-Lun Yen and presented last…

    Read More »
  • Blog

    Russia is targeting unpatched vulnerabilities – what can tech leaders do to shore up defenses?

    Amid the war in Ukraine and escalating global geopolitical tensions, the threat from Russian cyber adversaries has never been greater. So much so that the UK’s National Cyber Security Centre (NCSC) has issued a warning to firms to buckle up for online attacks by Russia’s Foreign Intelligence Service (SVR). According to a joint advisory of US security agencies, the nation…

    Read More »
  • Blog

    These three critical sectors are riddled with high-risk vulnerabilities

    The finance, healthcare, and IT sectors are among the most vulnerable to cyber attacks, new research reveals, with thousands of critical security flaws identified across all three industries. Research from software firm Black Duck analyzed data from over 200,000 dynamic application security testing (DAST) scans on around 1,300 apps across 19 industries between June 2o23 and June 2024. Black Duck’s…

    Read More »
  • Blog

    Four Critical Vulnerabilities Paved Over

    On Patch Tuesday, Windows systems will be updated with a flood of security fixes. In November, Windows patched four zero-day vulnerabilities, two of which have been exploited. Patch Tuesdays are a good time for admin teams to remind employees of the importance of keeping operating systems and applications up to date. In the meantime, software makers like Microsoft and Adobe…

    Read More »
  • Blog

    Threat Actors Are Exploiting Vulnerabilities Faster Than Ever

    New research by cybersecurity firm Mandiant provides eyebrow-raising statistics on the exploitation of vulnerabilities by attackers, based on the analysis of 138 different exploited vulnerabilities that were disclosed in 2023. The findings, published on Google Cloud’s blog, reveals that vendors are increasingly being targeted by attackers, who are continually reducing the average time to exploit both zero-day and N-day vulnerabilities.…

    Read More »
Back to top button
close