Pin Posts - Page 2576 of 2656 - Cyber Security News

DSA-5087 cyrus-sasl2 – security update

It was discovered that the SQL plugin in cyrus-sasl2, a library implementing the Simple Authentication and Security Layer, is prone to a SQL injection attack....

February 25, 2022

News

TrickBot operators slowly abandon the botnet and replace it with Emotet

TrickBot, once one of the most active botnets on the internet and a primary delivery vehicle for ransomware, is no longer making new victims. However,...

February 24, 2022

News

Government Advisories Warn of APT Activity Resulting from Russian Invasion of Ukraine

Government agencies publish warnings and guidance for organizations to defend themselves against advanced persistent threat groups. As governments around the world call for heightened cyber...

February 24, 2022

News

Ransomware is top attack vector on critical infrastructure

Ransomware was the number one attack vector on critical infrastructure in 2021, according to a report by Dragos, a leading company in industrial cybersecurity. Nearly...

February 24, 2022

Advisories

CVE-2020-14504

The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may...

February 24, 2022

Advisories

CVE-2020-14502

The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web...

February 24, 2022

Advisories

CVE-2020-14481

The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including...

February 24, 2022

Advisories

CVE-2020-14480

Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, including Windows Logon...

February 24, 2022

Advisories

CVE-2020-14478

A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly configured XML files to access local or remote content. A...

February 24, 2022

Advisories

CVE-2020-10640

Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands with system privileges or perform remote code execution via a specific...

February 24, 2022

Cyber Security NewsCyber Security News

Sitting Ducks DNS Attacks Put Global Domains at Risk

Microsoft Power Pages Misconfiguration Leads to Data Exposure

ShrinkLocker ransomware: what you need to know

Massive Telecom Hack Exposes US Officials to Chinese Espionage

IT specialist Jack Teixeira jailed for 15 years after leaking classified military documents on Discord

New iOS Security Feature Makes It Harder for Police to Unlock Seized Phones

API Security in Peril as 83% of Firms Suffer Incidents

Bank of England U-turns on Vulnerability Disclosure Rules

LevelBlue Cybersecurity Awareness Month Recap

Sitting Ducks DNS Attacks Put Global Domains at Risk

Microsoft Power Pages Misconfiguration Leads to Data Exposure

ShrinkLocker ransomware: what you need to know

Massive Telecom Hack Exposes US Officials to Chinese Espionage

IT specialist Jack Teixeira jailed for 15 years after leaking classified military documents on Discord

New iOS Security Feature Makes It Harder for Police to Unlock Seized Phones

API Security in Peril as 83% of Firms Suffer Incidents

Bank of England U-turns on Vulnerability Disclosure Rules

LevelBlue Cybersecurity Awareness Month Recap

Smashing Security podcast #393: Who needs a laptop to hack when you have a Firestick?

DSA-5087 cyrus-sasl2 – security update

TrickBot operators slowly abandon the botnet and replace it with Emotet

Government Advisories Warn of APT Activity Resulting from Russian Invasion of Ukraine

Ransomware is top attack vector on critical infrastructure

CVE-2020-14504

CVE-2020-14502

CVE-2020-14481

CVE-2020-14480

CVE-2020-14478

CVE-2020-10640