Author: DEFENDEDGE
-
Critical Cisco Bugs Open VPN Routers to Cyberattacks
The company’s RV line of small-business routers contains 15 different security vulnerabilities that could enable everything from RCE to corporate network access and denial-of-service – and many have exploits circulating. Read more
-
Wormhole Crypto Platform: ‘Funds Are Safe’ After $314M Heist
The popular bridge, which connects Ethereum, Solana blockchain & more, was shelled out by it’s-not-saying. Wormhole is trying to negotiate with the attacker. Read more
-
CISA Releases Security Advisory for Airspan Networks Mimosa
Original release date: February 3, 2022 CISA has released an Industrial Controls Systems Advisory (ICSA) that details vulnerabilities in the Airspan Networks Mimosa product line. An attacker could exploit these vulnerabilities to achieve remote code execution, create a denial-of-service condition, or obtain sensitive information. CISA encourages users and administrators to review ICSA-22-034-02: Airspan Networks Mimosa for… Read more
-
Cisco Releases Security Updates for RV Series Routers
Original release date: February 3, 2022 Cisco has released security updates to address vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators… Read more
-
Supply-Chain Security Is Not a Problem…It’s a Predicament
Despite what security vendors might say, there is no way to comprehensively solve our supply-chain security challenges, posits JupiterOne CISO Sounil Yu. We can only manage them. Read more
-
KP Snacks Left with Crumbs After Ransomware Attack
The Conti gang strikes again, disrupting the nom-merchant’s supply chain and threatening empty supermarket shelves lasting for weeks. Read more
-
Thousands of Malicious npm Packages Threaten Web Apps
Attackers increasingly are using malicious JavaScript packages to steal data, engage in cryptojacking and unleash botnets, offering a wide supply-chain attack surface for threat actors. Read more
-
Unpatched Security Bugs in Medical Wearables Allow Patient Tracking, Data Theft
Rising critical unpatched vulnerabilities and a lack of encryption leave medical device data defenseless, researcher warn. Read more
-
Samba ‘Fruit’ Bug Allows RCE, Full Root User Access
The issue in the file-sharing and interop platform also affects Red Hat, SUSE Linux and Ubuntu packages. Read more
-
Public Exploit Released for Windows 10 Bug
The vulnerability affects all unpatched Windows 10 versions following a messy Microsoft January update. Read more