Security vulnerabilities stories

Every organisationusing Microsoft Exchange must patch their on-premise servers immediately and scan their networks for signs of malicious activity.More

The vulnerabilities could enable attackers to break into the systems and run code, crash systems, and meddle with configuration files, amongst other malicious actions.More

Tenable.ep is reportedly the industry’s first, all-in-one, risk-based vulnerability management platform designed to scale as dynamic compute requirements change.More

2020 saw a large spike in physical and adjacent vulnerabilities, likely due to the proliferation of IoT and smart devices in use and being tested by researchers.More

The total number of vulnerabilities in 2020 is on track to exceed 2019.More

AppDynamics, part of Cisco, has released Cisco Secure Application, a solution designed to simplify vulnerability management, defend against cyber attacks and protect applications.More

GitHub’s vice president of product management, Jeremy Epling, says that IT is increasingly relying on developers for security, testing, and responsibility for production operations.More

AMNESIA:33 is a set of 33 memory-corrupting vulnerabilities affecting four open-source TCP/IP stacks: uIP; FNET; picoTCP; and Nut/Net.More

Unmitigated vulnerabilities could give an attacker access to the device, enabling the attacker to break encryption, modify code, and run certain commands.More

Secure Code Warrior, the secure coding company, has launched a new educational offering that simulates realistic situations to help developers extend their coding skills and preparedness.More

"Our automated security assessment proved that all companies have network services available for connection on their network perimeter, allowing hackers to exploit software vulnerabilities and bruteforce credentials to these services."More

GitHub has recently rolled out code scanning to help developers detect and prevent vulnerabilities from popping up in their open source and enterprise code.More

Temi is commonly used in environments including businesses, healthcare, retail, hospitality, and other environments including the home.More

Manufacturers using the Wibu-Systems CodeMeter third-party licence management solution are being urged to remain vigilant and to urgently update the solution to CodeMeter version 7.10.More

One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More

The vulnerabilities have the potential to ‘ripple’ through complex software supply chains, enabling attackers to steal data or execute code.More

The vulnerabilities affect three industrial VPN servers and clients.More

"The CVE Program looks forward to partnering with Gallagher going forward as we collectively maintain our commitment to improving security."More

The vulnerability (CVE-2020-6287) could allow attackers to take over SAP systems by remotely accessing the server. More

New SaaS solution aims to prevent breaches by automating dynamic threat analysis for docker containers.More

A range of optical line termination (OLT) devices made by China-based manufacturer and vendor C-DATA may be riddled with vulnerabilities and backdoors.More

The new facility will be added to the IOTDC mesh, which is a network of geographically distributed facilities through IOTDC that offers communities integrated data centre services.More

Since early January 2020, the number of internet-accessible Cisco ASA devices considered vulnerable has jumped from 170,000 to 220,000.More

A blog post from security vendor ESET has outlined the risk of the zero-day for those who are still using the relic browser of internet-past.More