Categories
common Vulnerabilities

The common vulnerabilities leaving industrial systems open to attack

The industrial sector was the second most targeted by malicious actors in 2020, when data extortion became a primary tactic and attacks skyrocketed. Overall, the year saw more cyberattacks than the past 15 years combined. And the trend has unfortunately…

Categories
disclosed Vulnerabilities

3 SSL VPN vulnerabilities disclosed in 2019 are still routinely exploited

Vulnerabilities in SSL VPN products are some of the most exploited by attackers for initial access to target networks, acting as a doorway for exploitation. Earlier this year, Tenable Research named three VPN vulnerabilities as part of its Top Five…

Categories
Two-for-Tuesday Vulnerabilities

Two-for-Tuesday vulnerabilities send Windows and Linux users scrambling

PRIVILEGE ESCALATION — Both OSes have flaws that allow attackers with a toehold to elevate access. Dan Goodin – Jul 20, 2021 9:17 pm UTC The world woke up on Tuesday to two new vulnerabilities—one in Windows and the other in Linux—that allow hackers with a toehold in a vulnerable system to bypass OS security…

Categories
minimise Vulnerabilities

Tips to minimise vulnerabilities in web and mobile apps

Agile software development can sometimes be at odds with secure by design principles. We look at how organisations are balancing security with coding. By Cliff Saran, Managing Editor. Published: 19 Jul 2021. Far too many organisations run web and mobile apps that are vulnerable to targeted attacks. They may be using unpatched libraries and software…

Categories
severe Vulnerabilities

Severe vulnerabilities in Dell firmware upgrade driver discovered and fixed

privilege escalation — Dell firmware update driver 2.3 can be exploited to gain kernel-level privilege. Jim Salter – May 5, 2021 11:39 pm UTC At least three companies have reported the dbutil_2_3.sys security problems to Dell over the past two years. Yesterday, infosec research firm SentinelLabs revealed 12-year-old flaws in Dell’s firmware updater, DBUtil 2.3. The…