By Ionut Arghire. On Tuesday, its October 2021 Security Patch Day, SAP announced the release of 13 new security notes and an update for a previously released note. Three of the notes are rated Hot News. The most important of SAP’s security notes (https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983) deals with two critical vulnerabilities in SAP Environmental Compliance. Tracked as CVE-2020-10683 and CVE-2021-23926 (CVSS […]
Author Archives: CSIRT
By Josh Meyer. As most Americans are still learning about the hacking-for-cash crime of ransomware, the nation’s top homeland security official is worried about an even more dire digital danger: killware, or cyberattacks that can literally end lives. The Colonial Pipeline ransomware attack in April galvanized the public’s attention because of its consumer-related complications, including long lines […]
By Eduard Kovacs. Adobe on Tuesday announced that it has patched a total of 10 vulnerabilities across its Acrobat and Reader, Connect, Commerce, and Campaign Standard products. Adobe has patched (https://helpx.adobe.com/security.html/security/security-bulletin.ug.html) four vulnerabilities in Acrobat and Reader for Windows and macOS. Two of the flaws, described as use-after-free and out-of-bounds issues, have been classified as critical and […]
Today is Microsoft’s October 2021 Patch Tuesday, and with it come fixes for four zero-day vulnerabilities and a total of 74 flaws. Microsoft has fixed 74 vulnerabilities (81 including Microsoft Edge) with today’s update, with three classified as Critical, 70 as Important, and one as Low. These 81 vulnerabilities (including Microsoft Edge) are classified as: 21 […]
Details have emerged about a new cyber espionage campaign directed against the aerospace and telecommunications industries, primarily in the Middle East, with the goal of stealing sensitive information about critical assets, organizations’ infrastructure, and technology while remaining in the dark and successfully evading security solutions. Boston-based cybersecurity company Cybereason dubbed the attacks “Operation Ghostshell,” pointing […]