Cybersecurity and threat news for Europe, the Middle East & Africa
These search results are from across the Techday network of sites
Datadog & Snyk integrate vulnerability management into GitHub
GitHub’s vice president of product management, Jeremy Epling, says that IT is increasingly relying on developers for security, testing, and responsibility for production operations.
New edge vulnerability revealed by Forescout
AMNESIA:33 is a set of 33 memory-corrupting vulnerabilities affecting four open-source TCP/IP stacks: uIP; FNET; picoTCP; and Nut/Net.
Claroty finds four vulnerabilities in Schneider Electric OT device
Unmitigated vulnerabilities could give an attacker access to the device, enabling the attacker to break encryption, modify code, and run certain commands.
Secure Code Warrior launches offering to help developers adopt a security mindset
Secure Code Warrior, the secure coding company, has launched a new educational offering that simulates realistic situations to help developers extend their coding skills and preparedness.
Companies exploited by high-risk vulnerabilities, new research shows
"Our automated security assessment proved that all companies have network services available for connection on their network perimeter, allowing hackers to exploit software vulnerabilities and bruteforce credentials to these services."
GitHub's code vulnerability scanning tool now generally available
GitHub has recently rolled out code scanning to help developers detect and prevent vulnerabilities from popping up in their open source and enterprise code.
McAfee finds vulnerabilities in 'temi' the videoconferencing robot
Temi is commonly used in environments including businesses, healthcare, retail, hospitality, and other environments including the home.
OT networks warned of vulnerabilities in CodeMeter software
Manufacturers using the Wibu-Systems CodeMeter third-party licence management solution are being urged to remain vigilant and to urgently update the solution to CodeMeter version 7.10.
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider.
Ripple20 threat could affect 35% of all IT environments – ExtraHop
The vulnerabilities have the potential to ‘ripple’ through complex software supply chains, enabling attackers to steal data or execute code.
VPN vulnerabilities pose serious risk to OT Networks
The vulnerabilities affect three industrial VPN servers and clients.
Gallagher fortifies cybersecurity reporting as NZ's first CVE Numbering Authority
"The CVE Program looks forward to partnering with Gallagher going forward as we collectively maintain our commitment to improving security."
RedShield develops 'virtual shield' to protect against SAP RECON vulnerability
The vulnerability (CVE-2020-6287) could allow attackers to take over SAP systems by remotely accessing the server.
Prevasio unveils threat analysis sandbox for containers
New SaaS solution aims to prevent breaches by automating dynamic threat analysis for docker containers.
C-DATA OLT firmware has intentional backdoors, allege researchers
A range of optical line termination (OLT) devices made by China-based manufacturer and vendor C-DATA may be riddled with vulnerabilities and backdoors.
IOTDC extends data centre services in Port Melbourne and beyond
The new facility will be added to the IOTDC mesh, which is a network of geographically distributed facilities through IOTDC that offers communities integrated data centre services.
Cisco ASA firewall users urged to patch systems now
Since early January 2020, the number of internet-accessible Cisco ASA devices considered vulnerable has jumped from 170,000 to 220,000.
Microsoft IE vulnerability to go unpatched until mid-Feb
A blog post from security vendor ESET has outlined the risk of the zero-day for those who are still using the relic browser of internet-past.
Zero-day Internet Explorer vulnerability exploited in the wild
Microsoft released an out-of-band patch for the vulnerability discovered by Google researchers due to the report that it has been exploited in the wild.
GitHub amps up vulnerability reporting capabilities
GitHub has announced new capabilities that make it easier for developers to report vulnerabilities directly from their repositories.
Apple issues clarification on extent of iOS malware infection
The attack affected fewer than a dozen websites that focus on content related to the Uighur community.
Security flaw left Android phones open to SMS phishing attacks found
Check Point Research discovered the vulnerability impacts phones from Samsung, Huawei, LG, and Sony.
How the iPhone malware discovery affects Apple users – Malwarebytes
The malware implant has been patched, but iPhone users should ensure they’re running on the latest version of iOS (12.1.4) to leverage the security patches.
Puppet launches vulnerability remediation product
With vulnerabilities and security breaches on the rise, the latest Puppet product helps IT teams find, prioritise and remediate vulnerabilities.