Control IT and SaaS complexity with Axonius
Graham Cluley Security News is sponsored this week by the folks at Axonius. Thanks to the great team there for their support! From new device...
The Original APT: Advanced Persistent Teenagers
Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks...
New PCI DSS v4.0 receives kudos for flexibility
Standards are often force-fed to the industries they govern, but that doesn't seem to be the case with the latest version of the PCI Data...
New PCI Data Security Standard v4.0 receives kudos for flexibility
Standards are often force-fed to the industries they govern, but that doesn't seem to be the case with the latest version of the PCI Data...
Zoom’s bug bounty ROI clear as program pays $1.8 million to fix over 400 bugs
Since its inception in 2020, Zoom’s private bug bounty program has awarded $2.4 million in payments and swag to security researchers, recruiting over 800 ethical...
CVE-2021-26104
Multiple OS command injection (CWE-78) vulnerabilities in the command line interface of FortiManager 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x...
CVE-2021-22127
An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3, FortiClient for Linux 6.2.x before 6.2.9 may allow an unauthenticated attacker to execute...
Attack on Ukraine Telecoms Provider Caused by Compromised Employee Credentials
Ukrtelecom claimed Russian hackers launched the attacks after compromising the credentials of an employee in an occupied area of the country Read More
Electric Vehicle Chargers Hacked to Show Porn
Screens on charge points in Isle of Wight council car parks hacked to show explicit content Read More
[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.19.0 to 5.20.1: Patch 202204.1
Tenable.sc leverages third-party software to help provide underlying functionality. Two of the third-party components (Apache and OpenSSL) were found to contain vulnerabilities, and updated versions...