Tens of Vulnerabilities in Siemens PLM Products Allow Code Execution
Siemens this week informed customers that some of its product development solutions are affected by a total of nearly two dozen vulnerabilities that can be exploited for arbitrary code execution using malicious files.
read more
Data Security Startup Qohash Raises $6 Million
Canadian data security startup Qohash this week announced it raised CAD 8 million (approximately USD $6.3 million) in Series A funding. The financing was led by FINTOP Capital.
read more
Microsoft Reminds Organizations of Upcoming Phase in Patching Zerologon Vulnerability
Microsoft this week published a reminder for organizations that a February 9 security update will kick off the second phase of patching for the Zerologon vulnerability.
read more
Facebook Takes Legal Action Against Data Scrapers
Facebook on Thursday announced that it took legal action against two individuals for scraping data from its website.
read more
Malvuln Project Catalogues Vulnerabilities Found in Malware
A researcher has launched Malvuln, a project that catalogues vulnerabilities discovered in malware and provides information on how those vulnerabilities can be exploited.
read more
NSA Publishes Guidance for Enterprises on Adoption of Encrypted DNS
The National Security Agency (NSA) on Wednesday published guidance for businesses on the adoption of an encrypted domain name system (DNS) protocol, specifically DNS over HTTPS.
read more
Telegram-Based Automated Scam Service Helps Fraudsters Make Millions
More than 40 scammer groups are actively engaged in schemes leveraging a scam-as-a-service offering that provides users the tools and resources needed to conduct fraud, according to threat hunting and intelligence company Group-IB.
read more
Vulnerability Exposes F5 BIG-IP Systems to Remote DoS Attacks
A vulnerability discovered by a researcher in a BIG-IP product from F5 Networks can be exploited to launch remote denial-of-service (DoS) attacks.
read more
Report: TikTok Harvested MAC Addresses By Exploiting Android Loophole
The ongoing controversies surrounding TikTok hit a new gear on Thursday with a bombshell report accusing the Chinese company of spying on millions of Android users using a technique banned by Google.
read more
CISA Warns Organizations About Attacks on Cloud Services
In light of successful cyberattacks targeting organizations’ cloud services, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a series of recommendations on how businesses can improve their cloud security.
read more
Capcom Says Personal Data of Thousands More Stolen in Ransomware Attack
Video game giant Capcom this week revealed that thousands more people than initially believed had their personal information stolen in a ransomware attack in November 2020.
read more
Vulnerabilities Can Allow Hackers to Create Backdoors in Comtrol Industrial Gateways
Several vulnerabilities have been identified in Pepperl+Fuchs Comtrol IO-Link Master industrial gateways, including flaws that researchers claim can be exploited to gain root access to a device and create backdoors.
read more
Over 70 Vulnerabilities Will Remain Unpatched in Cisco EOL Routers
Cisco this week announced that it does not plan on addressing tens of vulnerabilities affecting some of its small business routers.
read more
EU Court Opinion Leaves Facebook More Exposed Over Privacy
Any EU country can take legal action against companies like Facebook over cross-border violations of data privacy rules, not just the main regulator in charge of the company, a top court adviser said Wednesday.
read more
New Zealand Central Bank Says Accellion Service at Heart of Cyberattack
The Reserve Bank of New Zealand – Te Pūtea Matua – says Accellion’s FTA (File Transfer Application) file sharing service was involved in a security incident disclosed on Sunday.
read more
Official: Number of Victims of Russian Hack Likely to Grow
The number of federal agencies and private companies who learn that they have been affected by a massive Russian hack is expected to grow as the investigation into it continues, the U.S. government’s chief counterintelligence official said Tuesday.
read more
IoT Security Firm Vdoo Expands Series B Funding to $57 Million
New Funding Will Help IoT Device Security Firm Support Demand from Telcos and Utilities
read more
Tech Giants Hope for US Data Privacy Law
Google, Twitter and Amazon are hopeful that Joe Biden's incoming administration in the United States will enact a federal digital data law, senior company officials said at CES, the annual electronics and technology show.
read more
Hackers Publish COVID-19 Vaccine Data Stolen From EU Medicines Agency
Hackers have started leaking documents related to COVID-19 medicine and vaccines that were stolen from the European Medicines Agency (EMA) in early December 2020.
read more
SolarLeaks: Files Allegedly Obtained in SolarWinds Hack Offered for Sale
Someone has set up a website named SolarLeaks where they are offering to sell gigabytes of files allegedly obtained as a result of the recently disclosed SolarWinds breach.
read more