Cyber Defense Advisors

Cyber Threat Trends

Home / News / Cyber Threat Trends / Page 685
  • by
  • November 10, 2022

High-Severity Flaw Reported in Critical System Used in Oil and Gas Companies

Cybersecurity researchers have disclosed details of a new vulnerability in a system used across oil and gas organizations that could be exploited by an attacker to inject and execute arbitrary code. The vulnerability, tracked as CVE-2022-0902 (CVSS score: 8.1), is a path-traversal vulnerability in ABB Totalflow flow computers and remote controllers. “Attackers can exploit this flaw to gain […]

Cyber News, Cyber Threat Trends
  • by
  • November 10, 2022

New UEFI Firmware Flaws Reported in Several Lenovo Notebook Models

PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible Firmware Interface (UEFI) firmware affecting several Yoga, IdeaPad, and ThinkBook devices. “The vulnerabilities allow disabling UEFI Secure Boot or restoring factory default Secure Boot databases (incl. dbx): all simply from an OS,” Slovak cybersecurity firm ESET explained in a series of tweets. […]

Cyber News, Cyber Threat Trends
  • by
  • November 10, 2022

Emergency code execution patch from Apple – but not an 0-day

Not a zero-day, but important enough for a quick-fire patch to one system library…

Cyber News, Cyber Threat Trends

Smashing Security podcast #297: Mastodon 101, and the Hushpuppi saga

Graham offers some security and privacy advice for those exodusing Twitter to Mastodon, and Carole slams the door shut on a notorious scammer with a huge Instagram following. All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.

Cyber News, Cyber Threat Trends
  • by
  • November 9, 2022

Okta streamlines IAM portfolio with consumer identity management cloud

Potential access management customers got a new option from Okta Wednesday, as the identity and access management (IAM) provider announced a newly streamlined Consumer Identity Cloud system designed to simplify the deployment and use of its various products. Okta said that the new cloud program is split into two main components—those aimed at providing identity […]

Cyber News, Cyber Threat Trends
  • by
  • November 9, 2022

GitHub releases new SDLC security features including private vulnerability reporting

GitHub has announced new security features across its platform to help protect the software development lifecycle (SDLC). These include private vulnerability reporting, CodeQL vulnerability scanning support for the Ruby programming language, and two new security overview options. The world’s leading development platform said these updates make securing the SDLC end-to-end easier and more seamless for […]

Cyber News, Cyber Threat Trends
  • by
  • November 9, 2022

Researchers show techniques for malware persistence on F5 and Citrix load balancers

Over the past several years, hackers have targeted public-facing network devices such as routers, VPN concentrators, and load balancers to gain a foothold into corporate networks. While finding remote code execution vulnerabilities in such devices is not uncommon, incidents where attackers were able to deploy malware on them that can survive restarts or firmware upgrades […]

Cyber News, Cyber Threat Trends
  • by
  • November 9, 2022

Exchange 0-days fixed (at last) – plus 4 brand new Patch Tuesday 0-days!

In all the excitement, we kind of lost count ourselves. Were there six 0-days, or only four?

Cyber News, Cyber Threat Trends

Top 6 Multi-Cloud Security Solution Providers

If you’re in the process of constructing a multi-cloud security plan, these providers can help you avoid the most common pitfalls of multi-cloud security. The post Top 6 Multi-Cloud Security Solution Providers appeared first on TechRepublic.

Cyber News, Cyber Threat Trends