Cybersecurity
AWS Glue vulnerability let security researchers take over the cloud service
Rapidly fixed and not exploited, but hair-raising nonetheless.
Cybersecurity
Google sees most CVEs in 2021 -- as eyes turn to 2022's first Patch Tuesday
Some 54 software vulnerabilities including 7 critical bug patches landed daily in 2021
Cybersecurity
A RECOMMENDED software update crashed 20 critical IT systems
The update in question...
Cybersecurity
Kronos attack: backup access targeted amid cold storage overhaul vow
More cold storage backups promised...
Cybersecurity
Is your Incident Response plan ready for catastrophe?
You may want to pack IR guidebooks, energy bars, gloves and earmuffs
Cybersecurity
Microsoft security update sets klaxons blaring in... Microsoft Defender
Microsoft flags one of its own processes as sensor tampering.
Cybersecurity
Christmas pay for police, nurses at risk after Kronos hit by ransomware
Company has 40 million users. "Secure" Private Cloud breached.
Cybersecurity
Bug in Log4j 2.15.0 also RCE: Severity raised to 9.0
Whac-that-mole...
Cybersecurity
10 key insights into UK’s bullish new national cybersecurity strategy
"We will increasingly act upstream on behalf of all internet users in the UK”
Cybersecurity
VMware vCenter “trivial to exploit” using Log4Shell, POC available
"All VCenter instances trivially exploitable by a remote and unauthenticated attacker."
Cybersecurity
Critical bug in ubiquitous Java framework sets off an internet cluster bomb
AWS, Red Hat, VMware, more affected with pre-auth RCE exploits circulating
Cybersecurity
Hackers <3 VPN bugs: Fix this pre-auth RCE bug in SonicWall VPNs asap
Patch, patch, patch...