Some 98% of Global Firms Suffer Supply Chain Breach in 2021
Two-fifths still trust suppliers to handle their own security
Cyber News, Cyber Threat TrendsMalware Redirects 15,000 Sites in Malicious SEO Campaign
Campaign designed to improve search engine rankings of spammy sites
Cyber News, Cyber Threat TrendsCouple Get 40 Years for Navy Espionage Plot
Duo tried to sell secrets of nuclear propulsion
Cyber News, Cyber Threat Trends
- November 10, 2022
Re-Focusing Cyber Insurance with Security Validation
The rise in the costs of data breaches, ransomware, and other cyber attacks leads to rising cyber insurance premiums and more limited cyber insurance coverage. This cyber insurance situation increases risks for organizations struggling to find coverage or facing steep increases. Some Akin Gump Strauss Hauer & Feld LLP’s law firm clients, for example, reported a three-fold […]
Cyber News, Cyber Threat Trends
- November 10, 2022
High-Severity Flaw Reported in Critical System Used in Oil and Gas Companies
Cybersecurity researchers have disclosed details of a new vulnerability in a system used across oil and gas organizations that could be exploited by an attacker to inject and execute arbitrary code. The vulnerability, tracked as CVE-2022-0902 (CVSS score: 8.1), is a path-traversal vulnerability in ABB Totalflow flow computers and remote controllers. “Attackers can exploit this flaw to gain […]
Cyber News, Cyber Threat Trends
- November 10, 2022
New UEFI Firmware Flaws Reported in Several Lenovo Notebook Models
PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible Firmware Interface (UEFI) firmware affecting several Yoga, IdeaPad, and ThinkBook devices. “The vulnerabilities allow disabling UEFI Secure Boot or restoring factory default Secure Boot databases (incl. dbx): all simply from an OS,” Slovak cybersecurity firm ESET explained in a series of tweets. […]
Cyber News, Cyber Threat Trends
- November 10, 2022
Emergency code execution patch from Apple – but not an 0-day
Not a zero-day, but important enough for a quick-fire patch to one system library…
Cyber News, Cyber Threat TrendsSmashing Security podcast #297: Mastodon 101, and the Hushpuppi saga
Graham offers some security and privacy advice for those exodusing Twitter to Mastodon, and Carole slams the door shut on a notorious scammer with a huge Instagram following. All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.
Cyber News, Cyber Threat Trends
- November 9, 2022
Okta streamlines IAM portfolio with consumer identity management cloud
Potential access management customers got a new option from Okta Wednesday, as the identity and access management (IAM) provider announced a newly streamlined Consumer Identity Cloud system designed to simplify the deployment and use of its various products. Okta said that the new cloud program is split into two main components—those aimed at providing identity […]
Cyber News, Cyber Threat Trends