CVE-2021-37708

Governance & Risk Management , IT Risk Management , Patch Management If Exploited, Flaws Could Open Door to Theft of Admin Credentials Prajeet Nair (@prajeetspeaks) • April 1, 2021     VMware has issued patches for two critical vulnerabilities in its IT operations management platform, vRealize Operations, which, if exploited, could allow attackers to steal…

В спецификациях Bluetooth Core и Mesh Profile выявили уязвимости, позволяющие злоумышленникам выдавать себя за легитимное устройство при создании пары. За счёт эксплуатации обнаруженных брешей киберпреступники могут запустить атаки вида «Человек посередине» (man-in-the-middle, MitM).

Defense DOD wants industry to continue with CMMC prep amid program review   The Pentagon wants defense contractors to keep pushing forward with preparing for the implementation of the Cybersecurity Maturity Model Certification program despite pending results from its internal review, which could bring significant changes to the program. Dr. Christine Michienzi, chief technology officer…

Cybercrime , Endpoint Security , Fraud Management & Cybercrime Multiple Systems Impacted, Including Manufacturing and Internal IT Operations Doug Olenick (DougOlenick) • March 23, 2021     The Canadian Internet of Things manufacturer Sierra Wireless reported today it had suffered a ransomware attack over the weekend, forcing it to halt production at its manufacturing sites….

Cryptocurrency Fraud , Cybercrime , Fraud Management & Cybercrime Prosecutors: Yearslong Scheme Resulted in Theft of $530,000 Prajeet Nair (@prajeetspeaks) • April 29, 2021     A Massachusetts man has pleaded guilty to running a yearslong scam that used SIM swapping and other hacking techniques to steal more than $530,000 worth of cryptocurrency, the U.S….

Celsius Email System Suffers Security Breach | IT Security News 16. April 2021 Blockchain-based marketplace platform Celsius disclosed it has suffered a security breach with one of its third-party service providers. The breach exposed the personal information of its customers, leading to phishing attacks. According to their official statement, threat actors gained access to a…