Oracle January 2022 Critical Patch Update Addresses 266 CVEs
Oracle addresses 266 CVEs in its first quarterly update of 2022 with 497 patches, including 25 critical updates. Background On January 18, Oracle released its...
Supply chain vulnerability allows attackers to manipulate SAP transport system
A supply chain vulnerability in the SAP transport system that allows attackers to infiltrate the change management or software deployment process has been identified by...
The 2021 Threat Landscape Retrospective: Targeting the Vulnerabilities that Matter Most
A review of the year in vulnerabilities and breaches, with insights to help guide cybersecurity strategy in 2022 and beyond. “We do not learn from...
The Prometheus traffic direction system is a major player in malware distribution
Cybercrime is fueled by a complex ecosystem of criminal groups that specialize on different pieces of the final attack chains experienced by victims. There are...
Are Fake COVID Testing Sites Harvesting Data?
Over the past few weeks, I’ve seen a bunch of writing about what seems to be fake COVID-19 testing sites. They take your name and...
Exploring influences on SSC grades for insurance companies
This blog was written by an independent guest blogger. There are more online stores and services available than ever, and you are able to shop...
Microsoft’s Pluton security processor tackles hardware, firmware vulnerabilities
While this year’s Consumer Electronics Show was impacted by COVID, it didn’t stop Lenovo from announcing the first Microsoft Pluton-powered Windows 11 PCs. First announced...
Russian cyberattacks on Ukraine raise IT security concerns
This past week has seen an inundation of notifications concerning Russia’s overt and covert efforts to set “their” stage to provide it with a pretext...
How chaos engineering can help DevSecOps teams find vulnerabilities
The words “chaos” and “engineering” aren’t usually found together. After all, good engineers keep chaos at bay. Yet lately software developers are deploying what they...
Nine-year-old kids are launching DDoS attacks against schools
Britain's computer crime cops are targeting youngsters as young as nine years old in an attempt to dissuade them from embarking on a life of...