CVE-2021-35392
CVE-2021-35392
Similar Posts
Okta to Buy Auth0 for $6.5 Billion
Identity & Access Management , Privileged Access Management , Security Operations In Other M&A Activity, TPG Capital to Acquire Thycotic; KnowBe4 Buys MediaPRO Doug Olenick (DougOlenick) • March 4, 2021 The security firm Okta shook up the identity and access management market Wednesday by announcing a $6.5 billion deal to acquire the customer…
US points finger at China over Microsoft Exchange email hack
The two-count indictment, which was returned in May and kept under seal until now, charges Ding Xiaoyang, Cheng Qingmin, and Zhu Yunmin were officers with the Hainan State Security Department, a provincial branch of China’s Ministry of State Security, or MSS. A fourth charged individual, Wu Shurong, was charged as a computer hacker who created…
Collaboration Platforms Increasingly Abused for Malware Distribution, Data Exfiltration
Threat actors are increasingly abusing collaboration platforms for nefarious purposes, including malware delivery and data exfiltration, security researchers with Cisco’s Talos division report. With the COVID-19 pandemic forcing many organizations to switch to telework, interactive communication platforms such as Discord and Slack saw increased adoption and adversaries didn’t wait long to start abusing these tools….
Most Frequently Exploited CVEs Listed
Governance & Risk Management , Patch Management Experts Say Advisory Highlights Vulnerability Management Challenges Dan Gunderman (dangun127) • July 30, 2021 Source: CISA A joint cybersecurity advisory issued by several agencies this week highlighting the ongoing exploits of longstanding software vulnerabilities illustrates the woeful state of patch management, security experts say. See Also:…
Tips on Enhancing Supply Chain Security
3rd Party Risk Management , Governance & Risk Management , IT Risk Management NIST, CISA Highlight Key Steps to Take Akshaya Asokan (asokan_akshaya) • April 28, 2021 The U.S. Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology have released a report providing insights on how to enhance supply…
RNC Says No Data Accessed in Synnex Breach
The Republican National Committee says none of its data was compromised in a cyberattack that involved B2B IT services provider Synnex. Over the weekend, Synnex was the target of a cyberattack by threat actors who attempted to access “customer applications within the Microsoft cloud environment.” As part of the services it offers, Synnex manages cloud…