Search Results: vulnerabilities

Dragos Industrial Cybersecurity “Year in Review” Reports Rise in Threat Groups, Vulnerabilities, and Ransomware as ICS/OT Systems Digitally Transform

February 23, 2022 TechDecisions Staff Leave a Comment

Number of industrial organizations with external connections to their Industrial Control Systems doubled, yet 86% of organizations report limited-to-no visibility of ICS environments HANOVER, Md.–(BUSINESS WIRE)–Dragos, Inc., the global leader in cybersecurity for industrial controls systems (ICS)/operational technology (OT) environments, today released its fifth annual Dragos ICS/OT Cybersecurity Year in Review (YIR) report, the most […]

VMware: Patch These Vulnerabilities Immediately

VMware is urging customers to patch bugs in ESXi, Workstation, Fusion and Cloud Foundation running in on-premises or co-located settings.

February 15, 2022 Zachary Comeau Leave a Comment

VMware is urging customers to immediately patch vulnerabilities in ESXi, Workstation, Fusion and Cloud Foundation running in on-premises or co-located settings. The patches fix a total of five CVEs in those products that were disclosed during the Tianfu Cup, a Chinese security event that VMware participates in. According to the company, the flaws were reported […]

Security Vulnerabilities Found in VR Headsets

Rutgers researchers discover vulnerabilities in VR headsets that could lead malicious threat actors to commit eavesdropping attacks.

February 14, 2022 TD Staff Leave a Comment

Voice command features on virtual reality (VR) headsets pose vulnerabilities and could lead to major privacy eavesdropping attacks, according to researchers at Rutgers University-New Brunswick. The research shows hackers could use popular AR/VR headsets with built in motion sensors to record subtle, speech-associated facial dynamics to steal sensitive information communicated via voice-command, including credit card […]

The Top Vulnerabilities of 2021

Cybersecurity firm Tenable rounds up the top vulnerabilities in 2021, noting increases in ransomware attacks, data breaches, zero-days and more.

January 31, 2022 TD Staff Leave a Comment

Tenable’s 2021 Threat landscape retrospective report looks back at year unlike any other. Dozens of groups, like REvil, Conti, DarkSide and more, dominated the headlines and continued to wreak havoc across a wide range of industries. Tenable’s research team noted a surge in ransomware attacks, data breaches, zero-days and much more in 2021. Top vulnerabilities […]

Google To Fix 37 Chrome Vulnerabilities

Google is releasing a Chrome security update for Windows, Mac and Linux that contains fixes for 37 vulnerabilities.

January 6, 2022 TD Staff Leave a Comment

Google is releasing a Chrome security update for Windows, Mac and Linux that contains fixes for 37 vulnerabilities. Fixes for the updates are included in Chrome 97.0.4692.7, which the company says will roll out over the coming days and weeks. Of the 37 security bugs, one is rated as critical—a use after free flaw in […]

Just 42% Of Security Pros Can Detect IoT, OT Vulnerabilities

New research from Microsoft and Ponemon Institute suggests cybersecurity leaders are falling behind when it comes to IoT, OT security.

December 9, 2021 Zachary Comeau Leave a Comment

According to a new Microsoft study in conjunction with the Ponemon Institute, the Internet of Things and new innovations in operational technology is becoming critical for business, but simultaneously increasing an organization’s cyber risk. Researchers surveyed more than 600 IT, cybersecurity and OT security experts across the U.S., and found that many organizations are making […]

New Research Shows Vulnerabilities in Banking, Cryptocurrency Exchange, and FinTech APIs Allow Unauthorized Transactions and PIN Code Changes of Customers

October 26, 2021 TechDecisions Staff Leave a Comment

Noname Security sponsored research by vulnerability researcher Alissa Knight highlights need for financial services industry to prioritize API security LAS VEGAS–(BUSINESS WIRE)–Noname Security, the API security company, and Alissa Knight, Partner at Knight Ink and recovering hacker, today announced at Money 20/20 new research, “Scorched Earth: Hacking Bank APIs” which unveils a number of vulnerabilities […]

Vulnerabilities Found In Popular WordPress Plugin

Brizy Page Builder plugin has known vulnerabilities, which could lead to the potential compromise of thousands of WordPress websites.

October 20, 2021 TD Staff Leave a Comment

Brizy Page Builder, a popular WordPress plugin known as one of the best website builders for non-techies has known vulnerabilities, which could lead to the potential compromise of thousands of WordPress websites. Researchers at Security firm Wordfence stumbled upon the Brizy Page Builder vulnerabilities during a routine review of its firewall rules. The company discovered […]

Patch These Windows Vulnerabilities Now

Microsoft has released patches for 71 new vulnerabilities in Windows systems this past Tuesday, including one under active attack.

October 13, 2021 Zachary Comeau Leave a Comment

Microsoft has released patches for 71 new vulnerabilities in Windows systems and applications this past Tuesday, which follows 11 previously patched software flaws in Microsoft Edge and OpenSSL. That makes 82 patches this month, which is just slightly down from the 86 patches issued by Microsoft in September. This month’s patches address issues in Edge, […]

Microsoft Azure OMI Vulnerabilities Are Being Exploited

Microsoft says it has seen several exploitation attempts, including basic host enumeration and attempts to install a cryptocurrency miner.

September 20, 2021 Zachary Comeau Leave a Comment

According to cybersecurity companies, media reports and Microsoft itself, threat actors are actively exploiting security flaws in Azure’s Open Management Infrastructure framework that Microsoft disclosed as part of this months’ cumulative security updates. The vulnerabilities are in the Open Management Infrastructure (OMI)  framework, which Microsoft calls an open-source Web-Based Enterprise Management implementation for managing Linux […]