CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation: CVE-2022-27926 Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose …

CISA Adds Ten Known Exploited Vulnerabilities to Catalog

CISA has added ten new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2013-3163 Microsoft Internet Explorer Memory Corruption Vulnerability; CVE-2014-1776 Microsoft Internet Explorer Memory Corruption Vulnerability; CVE-2017-7494 Samba Remote Code Execution Vulnerability …

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary …

Maldives to set up network to tackle cybercrime

Amendments have been submitted to the Act on Mutual Legal Assistance in Criminal Matters, designed to set up procedures for exchange of legal assistance with other countries in order to stop and take action against cybercrimes, crimes committed using computer …

White House ‘very in favor’ of bill thought to target TikTok

One of the authors of a Senate bill that would enable the US commerce department to ban technologies with links to foreign governments has said the Biden White House is “very in favor” of the measure, but stopped short of …

Business Email Compromise Tactics Used to Facilitate the Acquisition of Commodities and Defrauding Vendors

The FBI warns the public of criminal actors using Business Email Compromise (BEC) schemes to facilitate the acquisition of a wide range of commodities. BEC is one of the most financially damaging online crimes. It exploits the fact that so …

UK: TikTok to be blocked from parliamentary devices and network over cyber security fears

The commissions of the House of Commons and House of Lords have announced they will follow the move taken by the government on official devices, citing the need for cyber security. A parliament spokesman said that TikTok “will be blocked …

Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments

Today, CISA released the Untitled Goose Tool to help network defenders detect potentially malicious activity in Microsoft Azure, Azure Active Directory (AAD), and Microsoft 365 (M365) environments. The Untitled Goose Tool offers novel authentication and data gathering methods for network …

Critical infrastructure gear is full of flaws, but hey, at least it’s certified

Devices used in critical infrastructure are riddled with vulnerabilities that can cause denial of service, allow configuration manipulation, and achieve remote code execution, according to security researchers. And most of these operational technology (OT) products – which include industrial control …

UK Government sets out strategy to protect NHS from cyber attacks

The government will provide a plan to promote cyber resilience across the health and care sectors by 2030, protecting both services and patients. New strategy sets out 5 key ways to build cyber resilience in health and care by 2030 …