Business Continuity Management / Disaster Recovery , COVID-19 , Cybercrime Researchers: Home and Office Connected Devices Vulnerable to Attack Doug Olenick (DougOlenick) • July 24, 2021 As corporate America begins to ask employees to come back to their offices starting in the fall, cybersecurity teams have a huge task before them to ensure…
Endpoint Security , Governance & Risk Management , Internet of Things Security Senate Bill Would Require CISA to Identify and Respond to ICS Threats Scott Ferguson (Ferguson_Writes) • July 23, 2021 From left: Sens. Rob Portman, Marco Rubio, Gary Peters and Mark Warner are co-sponsoring a bill to improve ICS and OT security….
Executive Summary Informations Name CVE-2021-25207 First vendor Publication 2021-07-23 Vendor Cve Last vendor Modification 2021-07-23 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…
Executive Summary Informations Name CVE-2021-26232 First vendor Publication 2021-07-22 Vendor Cve Last vendor Modification 2021-07-22 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…
Joseph O’Connor, a 22-year-old citizen of the United Kingdom, has been arrested in connection with the 2020 Twitter hack that impacted multiple high-profile accounts like Apple. As reported by The Verge, the United States Department of Justice issued a press release announcing O’Connor’s arrest. The hacker was apparently apprehended in Estepona, Spain, by Spanish National…
The U.S. House of Representatives this week passed several cybersecurity bills, including ones related to critical infrastructure, industrial control systems (ICS), and grants for state and local governments. One of the bills focusing on critical infrastructure is the Cybersecurity Vulnerability Remediation Act, which aims to authorize the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to…
In the quarterly Critical Patch Update for July 2021, Oracle has released 342 fixes for several of its products range. The security experts at Oracle have claimed that among those fixes there are some critical flaws, and a threat actor can easily exploit these flaws remotely. The most critical one is the deserialization flaw through…
Business Email Compromise (BEC),Fraud Management & Cybercrime,Fraud Risk Management West African Crime Group Used Homoglyph Techniques to Trick Victims, Company SaysDoug Olenick (DougOlenick) •July 21, 2021 Microsoft has announced the takedown of 17 domains that a threat group operating out of West Africa used to host fake Microsoft websites when conducting business email…
Safe Security, a Silicon Valley cyber risk management startup, has secured a $33 million investment from U.K. telco BT. Founded in 2012, Safe Security — formerly known as Lucideus — helps organizations measure and mitigate enterprise-wide cyber risk using its security assessment framework for enterprises (SAFE) platform. The service, which is used by a number…
CVE-2021-2369 Detail Current Description Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple…
