This week’s security news includes: ATMs and medical devices at risk due to Access:7 bugs NSA says OpenSSL vulnerability can ‘definitely be weaponized’ Windows Autopatch coming this summer PHP package manager PEAR had critical flaw undiscovered for 15 years VMWare patches Spring4Shell RCE flaw in multiple products Senate confirms Maj. Gen. Maria Barrett as head…
This week’s security news includes: Kaspersky deemed national security threat Administrator at Yale admitted to stealing tens of millions of dollars – insider threat on steroids Opt-out from major credit bureaus selling your data Hacked WordPress sites make visitors DDoS Ukrainian targets SonicWall releases critical patch for some of its firewalls Gitlab patches critical account…
This week’s news items include: Russian hacking group hacked by Ukraine NSA Technical Report on Network Infrastructure Security CISA releases another 95 patches to install now Russia prepares to disconnect from the Internet Amex suspends operations in Russia and Belarus Samsung is suspending shipments into Russia Layering network security through segmentation Toyota shuts down 14…
This week’s news items includes: Sextortion is on the Rise Again FBI Guide on Lessening Digital Exhaust Watchguard Issues Patch for Cyclops Blink Vulnerability FCC Proposes Largest Ever Fine for Robocalling – $45 Million Does Your Identity Theft Protection Policy Cover Theft of Cryptocurrency Assets? Getting Your SOC 2 as a SaaS Company 7 Steps…
This week’s items include: Puma-Kronos Breach Continues Focus on Third Party Risk Management WSJ Reports that Two Months After Log4j, Developers are Still Downloading Thousands of Packages a Day Vulnerable to Attack Ford Will Shut Down or Cut Production at 8 North America Plants Due to Lack of Chips Apple Releases Patch for Active Zero-Day…
This week’s items include: FBI and CIA purchased NSO Group’s Pegasus spyware Microsoft continues to enhance Edge Chromium security Facebook learns that people do care about their privacy and it will cost them $10 B this year FCC revokes China Unicom’s license to operate in the U.S. Kronos is still dealing with the effects of…
DHS says U.S. on heightened alert for Russian cyberattack Apple updates personal safety guide in wake of stalkers using AirTags to track victims Missing MS Intune cert breaks email, VPN on Samsung devices on Android 12 Apple fixes Safari data leak after being outed Apple patches actively exploited iOS security flaw Workers file lawsuits in…
Here is the security news for the week ending January 23, 2022 January 23, 2022 Critical SAP vulnerability allows for supply chain attacks US Olympians told to use burner phones in China Google details two zero-days in Zoom clients It has not been a good couple of months for Zoho Court to Europol – delete…
Here is the security news for the week ending January 16, 2022: January 16, 2022 Gettr, the Alt-Tech, Uses Trackers, Features from Facebook and Google Chrome to Limit Access to Private Networks (via browser, finally) Remotely Executable NetUSB Bug Puts Millions of Devices at Risk Ivanti Updates Log4j Security Advisory for Multiple Products NYDFS Delays…
This week’s security news includes: Son of Log4j rears its ugly head; Model warns women to check your belongings after being tracked by Apple AirTag; AMD releases new chip with Microsoft’s Pluton processor; New consumer protection laws in 2022; SonicWall is the most recent vendor to have Y2K22 bug; Over 1,200 man-in-the-middle toolkits available to…
