Category: Vulnerabilities

October 15, 2021

The U.S. Cybersecurity Infrastructure and Security Agency (CISA) on Thursday warned of continued ransomware attacks aimed at disrupting water and wastewater facilities (WWS), highlighting five incidents that occurred between March 2019 and August 2021. “This activity—which includes attempts to compromise […]

October 14, 2021

Continuity issued a research report which provided an analysis of the vulnerabilities and misconfigurations of enterprise storage systems. The findings revealed that storage systems have a significantly weaker security posture than the other two layers of IT infrastructure: compute or […]

October 12, 2021

Adobe has patched four vulnerabilities in Acrobat and Reader for Windows and macOS. Two of the flaws, described as use-after-free and out-of-bounds issues, have been classified as critical and they can lead to arbitrary code execution in the context of […]

October 12, 2021

The maintainers of LibreOffice and OpenOffice have shipped security updates to their productivity software to remediate multiple vulnerabilities that could be weaponized by malicious actors to alter documents to make them appear as if they are digitally signed by a […]

October 6, 2021

We are witnessing numerous and damaging attacks on critical infrastructure lately. What is the main cause that makes them susceptible to these attacks? Over recent years, attacks on critical infrastructure have grown from moderate risk to major headline-grabbing news and […]

October 4, 2021

Security operations teams have been dealing with “alert fatigue” for far too long. The introduction of log monitoring (e.g., SIEM), firewall, and AV technologies over two decades ago provided valuable tools for IT teams to be alerted to known suspicious […]

October 4, 2021

The pilot program financially rewards developers who help improve the security of critical open source projects and is meant to complement existing vulnerability management programs. Committed to boost the security of the open source ecosystem, the Internet search giant recently […]

September 17, 2021

Sonatype released a report that revealed continued strong growth in open source supply and demand dynamics. Further, with regard to open source security risks, the report reveals a 650% year over year increase in supply chain attacks aimed at upstream […]

September 16, 2021

Bot attack volumes grew 41% year over year with human-initiated attacks falling 29%, according to a report from LexisNexis Risk Solutions. The report confirms earlier trend patterns showing the financial services industry and media businesses bear the brunt of increased […]

September 14, 2021

Year after year, the number of data breaches affecting entities in the healthcare industry rises, and 2020 was no exception. The 616 data breaches reported this past year to the US Department of Health & Human Services (DHHS) have resulted […]