CVE-2021-30205
Incorrect access control in the component /index.php?mod=system&op=orgtree of dzzoffice 2.02.1_SC_UTF8 allows unauthenticated attackers to browse departments and usernames. Read More
CVE-2021-30203
A reflected cross-site scripting (XSS) vulnerability in the zero parameter of dzzoffice 2.02.1_SC_UTF8 allows attackers to execute arbitrary web scripts or HTML. Read More
Submarine Cables at Growing Risk of Cyber-Attacks
A report from Recorded Future highlights how digital cable management systems are vulnerable to nation-state attacks Read More
DNS can speed up response to threats and make security operations more productive
Graham Cluley Security News is sponsored this week by the folks at Infoblox. Thanks to the great team there for their support! At Infoblox, we...
Fortanix adds confidential data search for encrypted enterprise data
Cloud data security company Fortanix has announced Fortanix Confidential Data Search, a search offering for encrypted databases within enterprise cloud workflows. “Confidential Data Search allows...
Bionic integrations offer context-based vulnerability management
Application security posture management (ASPM) company Bionic has added two new capabilities — Bionic Signals and Bionic Business Risk Scoring — to its namesake cybersecurity...
New Android banking trojan targets US, UK, and Germany
An ongoing malware campaign has been pushing the Android banking trojan, Anatsa, to online banking customers in the US, the UK, Germany, Austria, and Switzerland,...
Fileless attacks surge as cybercriminals evade cloud security defenses
The number of fileless or memory-based attacks that exploit existing software, applications, and protocols have surged 1,400% in the last year. That’s according to Aqua...
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser...
Survey reveals mass concern over generative AI security risks
A new Malwarebytes survey has revealed that 81% of people are concerned about the security risks posed by ChatGPT and generative AI. The cybersecurity vendor...