Cybersecurity Bug-Hunting Sparks Enterprise Confidence
A survey from Intel shows that most organizations prefer tech providers to have proactive security, but few meet security expectations.
Nearly three-quarters of IT security professionals (73 percent) surveyed say...
Molson Coors Cracks Open a Cyberattack Investigation
The multinational brewing company did not say what type of incident caused a ‘systems outage,’ but it’s investigating and working to get networks back online.
Another high-profile company has been...
Critical Security Hole Can Knock Smart Meters Offline
Unpatched Schneider Electric PowerLogic ION/PM smart meters are open to dangerous attacks.
Critical security vulnerabilities in Schneider Electric smart meters could allow an attacker a path to remote code execution...
Microsoft Exchange Servers Face APT Attack Tsunami
At least 10 nation-state-backed groups are using the ProxyLogon exploit chain to compromise email servers, as compromises mount.
Recently patched Microsoft Exchange vulnerabilities are under fire from at least 10...
Technical Advisory: Dell SupportAssist Local Privilege Escalation (CVE-2021-21518)
Vendor: Dell / PC-Doctor
Vendor URL: https://www.dell.com/support/contents/en-uk/article/product-support/self-support-knowledgebase/software-and-downloads/supportassist
Versions affected: SupportAssist for Windows version 3.7 or higher, between 2020-08-28 and 2020-10-22
Systems Affected: Windows
Author: richard.warrennccgroupcom
Advisory URL: https://www.dell.com/support/kbdoc/000184012
CVE Identifier: CVE-2021-21518
Risk: CVSSv3.1: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Summary
When running...
Cyberattackers Exploiting Critical WordPress Plugin Bug
The security hole in the Plus Addons for Elementor plugin was used in active zero-day attacks prior to a patch being issued.
The Plus Addons for Elementor plugin for WordPress...
SAP Stomps Out Critical RCE Flaw in Manufacturing Software
The remote code execution flaw could allow attackers to deploy malware, modify network configurations and view databases.
Enterprise software giant SAP pushed out fixes for a critical-severity vulnerability in...
Microsoft Patch Tuesday Updates Fix 14 Critical Bugs
Microsoft’s regularly scheduled March Patch Tuesday updates address 89 CVEs overall.
Microsoft has released its regularly scheduled March Patch Tuesday updates, which address 89 security vulnerabilities overall.
Included in the slew...
Apple’s Device Location-Tracking System Could Expose User Identities
Researchers have identified two vulnerabilities in the company’s crowd-sourced Offline Finding technology that could jeopardize its promise of privacy.
Two vulnerabilities in a crowdsourced location-tracking system that helps users find...
Technical Advisory – Multiple Vulnerabilities in Netgear ProSAFE Plus JGS516PE / GS116Ev2 Switches
Multiple vulnerabilities were found in Netgear ProSafe Plus JGS516PE switches that may pose a serious risk to their users. The most critical vulnerability could allow unauthenticated users to gain...