Apple has patched a vulnerability in macOS Big Sur 11.2 and 11.3 upgrades that could have resulted in users getting stuck in a boot loop, suffering serious data loss and potentially getting locked out of their data.
French cybersecurity authorities are warning that widely used, open-source IT monitoring software called Centreon appears to have been hit by Russian hackers. But unlike the SolarWinds supply chain attack, in this campaign, attackers appear to have hacked outdated, unpatched versions of the software.
Microsoft has patched a 12-year-old vulnerability in Microsoft Defender that, if exploited, could enable nonadministrative users to escalate privilege in the application. The patch was made after security firm SentinelOne recently notified Microsoft about the flaw.
The Reserve Bank of New Zealand issued an update on the data breach it sustained in December 2020, saying it has identified the records that were compromised and offering a timeline of the incident.
Following the hacking of a Florida water treatment plant, CISA is warning the operators of other plants to be on the lookout for hackers who exploit remote access software and outdated operating systems - and to take risk mitigation steps. The advice applies to other organizations as well, some security experts say.
Two more breaches have been tied to the vulnerable 20-year-old Accellion File Transfer Appliance. The latest victims are Singapore telecom company Singtel and Australian medical research institute QIMR Berghofer.
Siemens has mitigated 21 vulnerabilities in two of its virtualization software tools that, if exploited, could enable attackers to gain remote control, exfiltrate data or cause systems to crash. It's urging customers to shift to updated versions of the software that fix the flaws.
SAP has issued a patch and remediation advice for a critical remote code execution vulnerability in its SAP Commerce product that could, if exploited, disrupt the entire system.
PayPal has patched a cross-site scripting - or XSS - vulnerability found in its currency conversion endpoint that, if exploited, could enable malicious JavaScript injection. The vulnerability was discovered by a bug bounty hunter.
The latest edition of the ISMG Security Report features an analysis of the critical security issues raised by the hacking of a Florida city water treatment plant. Also featured: The CISO of the World Health Organization discusses supply chain security; hackers steal celebrities' cryptocurrency.
When it comes to software patching, your company’s goal is to reduce its security risk exposure as much as possible and as fast as possible. This can be done by ensuring that its computing environment and IT software stack are up-to-date regarding known vulnerability releases and patch upgrades.
However,...
This infographic is a one page guide to the future of patch management. Download it to discover the data from an industry survey, including:
Top patching environments;
Time required to remediate all patches and reach compliance;
Most important patch-related activities and more.
Scanning and Patching are critical components in any environment/endpoint security process, but they’re only
part of an end to end cycle built around operational best practices, coupled with the right set of tools.
Essentially, this security process should take advantage of intelligent automation focused on four...
Microsoft has finally pushed out the second half of the software patch for the "Zerologon" privilege escalation vulnerability in the Windows Netlogon Remote Protocol more than five months after the first half of the patch was issued.
SonicWall has confirmed that a zero-day vulnerability is affecting its Secure Mobile Access, or SMA, gateway product line, and the company is developing a patch to address the issue. Researchers say they have found exploits for the vulnerability circulating in the wild.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.