Category Archives: Vulnerability Management

Flaws in open source library used by DoD, IC for satellite imagery could lead to system takeovers

Two vulnerabilities discovered could lead to remote code execution, while another could lead to denial of service attacks.

The post Flaws in open source library used by DoD, IC for satellite imagery could lead to system takeovers appeared first on SC Media.

Continue reading

Posted in DDoS, Security News, Threat intelligence, Vulnerabilities, Vulnerability Management | Comments Off on Flaws in open source library used by DoD, IC for satellite imagery could lead to system takeovers

Azure Functions vulnerability proves cloud users not always in control

A newly discovered Azure Functions vulnerability lets an attacker escalate privileges and escape the Azure Functions Docker to the Docker host. After an internal assessment, Microsoft determined that the vulnerability has no security impact on Azure Functions users because the Docker host itself gets protected by a Microsoft Hyper-V boundary, according to researchers from Intezer…

The post Azure Functions vulnerability proves cloud users not always in control appeared first on SC Media.

Continue reading

Posted in Cloud, Security News, Virtualization And Cloud-Based Security, Vulnerability Management | Comments Off on Azure Functions vulnerability proves cloud users not always in control

Apple Patches Three New iOS Zero-Days

While Apple has a significant focus on making iOS secure, one researcher said increasingly complex capabilities often bring vulnerabilities.

The post Apple Patches Three New iOS Zero-Days appeared first on SC Media.

Continue reading

Posted in Mobile, Mobile Security, Security News, Vulnerability Management | Comments Off on Apple Patches Three New iOS Zero-Days

Users of IoT products from three major vendors at risk of DDoS attacks, data leaks

Softing Industrial Automation GmbH, Kepware PTC, and Matrikon Honeywell all provided fixes for their respective products after security firm Claroty privately disclosed them during 2020.

The post Users of IoT products from three major vendors at risk of DDoS attacks, data leaks appeared first on SC Media.

Continue reading

Posted in IoT, Research, Security News, Vulnerability Management | Comments Off on Users of IoT products from three major vendors at risk of DDoS attacks, data leaks

SonicWall network attacked via zero days in its VPN and secure access solutions

Cybersecurity firm SonicWall disclosed Friday night that hackers attacked the company’s internal networks by first exploiting zero-day vulnerabilities in its very own secure remote access products. SC Media received an anonymous tip Friday that SonicWall had suffered an attack, but did not get confirmation ahead of the disclosure by the company. SonicWall, whose product line…

The post SonicWall network attacked via zero days in its VPN and secure access solutions appeared first on SC Media.

Continue reading

Posted in Breach, Cybercrime, Featured, Ransomware, Security News, Vulnerabilities, Vulnerability Management | Comments Off on SonicWall network attacked via zero days in its VPN and secure access solutions

With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge

Washington, D.C. is on high alert, extending a special designation for security that always applies to inaugurations to Jan. 21, and calling in the National Guard. But in the wake of the attack on the Capitol, protection of digital assets is paramount.

The post With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge appeared first on SC Media.

Continue reading

Posted in Breach, Data Breach, Featured, Security News, Security strategy, Vulnerability Management | Comments Off on With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge

7 vulnerabilities in popular DNS forwarding software open door to range of attacks

Researchers at JSOF have discovered distinct spoofing and buffer overflow vulnerabilities associated with DNSMasq, used in networking devices to cache and forward Domain Name System requests.

The post 7 vulnerabilities in popular DNS forwarding software open door to range of attacks appeared first on SC Media.

Continue reading

Posted in Network Security, Security News, Threat intelligence, Vulnerabilities, Vulnerability Management | Comments Off on 7 vulnerabilities in popular DNS forwarding software open door to range of attacks