Information technology is developing at a rapid pace, with completely new areas emerging, such as DevOps and DevSecOps – and we’re striving to keep up. However, in some projects, you may encounter systems built on rather outdated principles. Such systems must be approached with care, since a single mistake can lead to data loss and malfunctions. To some extent, this is true for today’s systems too, but for systems with a rich history, the risks are significantly higher.
Mainframes are just such an example of old architecture. These software-hardware solutions rely on principles developed in the 1960s. However, they’re still in use today, for example, to simultaneously process a large number of transactions, perform complex computing operations, and so on.
Read more…
Source: Kaspersky
Related:
- Millions of iOS apps could have been hit by cyberattack due to a worrying flaw
July 3, 2024
A key tool used primarily in iOS and macOS app development was vulnerable in a way that opened up millions of Mac apps to supply chain attacks, experts have warned. Cybersecurity researchers EVA Information Security claim a dependency manager for Swift and Objective-C projects called CocoaPods, carried three vulnerabilities in a “trunk” server used to manage ...
- High-Risk Path Traversal in SolarWinds Serv-U
July 3, 2024
The SonicWall Capture Labs threat research team became aware of a path traversal vulnerability in SolarWinds Serv-U, assessed its impact and developed mitigation measures. Serv-U server is a solution that provides a secure file transfer facility and control inside and outside the organization. Identified as CVE-2024-28995, SolarWinds Serv-U 15.4.2 HF 1 and previous versions allow an ...
- Apple IDs Targeted in US Smishing Campaign
July 2, 2024
Phishing actors continue to target Apple IDs due to their widespread use, which offers access to a vast pool of potential victims. These credentials are highly valued, providing control over devices, access to personal and financial information, and potential revenue through unauthorized purchases. Additionally, Apple’s strong brand reputation makes users more susceptible to trusting deceptive communications ...
- Vulnerabilities in PanelView Plus devices could lead to remote code execution
July 2, 2024
Microsoft discovered and responsibly disclosed two vulnerabilities in Rockwell Automation PanelView Plus that could be remotely exploited by unauthenticated attackers, allowing them to perform remote code execution (RCE) and denial-of-service (DoS). The RCE vulnerability in PanelView Plus involves two custom classes that can be abused to upload and load a malicious DLL into the device. The ...
- Prudential Financial data breach impacts 2.5 million people
July 2, 2024
In February 2024, Prudential Financial reported it had fallen victim to a ransomware attack. The attack was discovered one day after it started, but not before some 2.5 million people had been impacted by the resulting data breach. As one of the largest insurance companies in the US, Prudential employs 40,000 people worldwide and reported revenues ...
- Cisco Releases Advisory for Exploited Vulnerability in NX-OS software
July 2, 2024
Cisco has released a security advisory for a vulnerability in the command line interface (CLI) of the NX-OS software in Nexus series switches, which are modular and fixed port network switches designed for data centres. The command injection vulnerability known as CVE-2024-20399 has a CVSSv3 score of 6.0 and is rated at Medium by Cisco. An ...