Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

Building Cyber Resilience in SMBs ​With ​Limited Resources

​​​With careful planning, ongoing evaluation, and a commitment to treat cybersecurity as a core business function, SMBs can transform their vulnerabilities into strengths​​.

DARKReading
Open in Source
#vulnerability#dos#git#intel#samba#auth#ibm#ssl
Red Hat Security Advisory 2024-7599-03

Red Hat Security Advisory 2024-7599-03 - Red Hat OpenShift Container Platform release 4.16.16 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution, denial of service, integer overflow, and out of bounds write vulnerabilities.

Microsoft: Creative Abuse of Cloud Files Bolsters BEC Attacks

Since April, attackers have increased their use of Dropbox, OneDrive, and SharePoint to steal the credentials of business users and conduct further malicious activity.

GHSA-jqfv-jrvq-95jm: Apache XML Graphics FOP XML External Entity Reference ('XXE') vulnerability

Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue.

Social Media Accounts: The Weak Link in Organizational SaaS Security

Social media accounts help shape a brand’s identity and reputation. These public forums engage directly with customers as they are a hub to connect, share content and answer questions. However, despite the high profile role these accounts have, many organizations overlook social media account security. Many lack the safeguards to prevent unauthorized access — a situation no organization wants as

Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild

Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday update doesn't include the 25 additional flaws that the tech giant addressed in its Chromium-based

Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks

Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic. The end goal of the campaigns are broad and varied, allowing threat actors to compromise identities and devices and conduct business email compromise (BEC) attacks, which ultimately result

DumpForums Claim 10TB Data Breach at Russian Cybersecurity Firm Dr.Web

Pro-Ukrainian hacktivists from DumpForums claim to have breached Russian cybersecurity giant Dr.Web, stealing over 10 TB of sensitive…

Despite Prevalence of Online Threats, Users Aren't Changing Behavior

Consumers are victims of online scams and have their data stolen, but they are lagging on adopting security tools to protect themselves.

Patch Tuesday, October 2024 Edition

Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of products, and Apple has addressed a bug in its new macOS 15 "Sequoia" update that broke many cybersecurity tools.