Please turn on your JavaScript for this page to function normally.
OpenSSL
OpenSSL 3.0: A new FIPS module, new algorithms, support for Linux Kernel TLS, and more

The OpenSSL Project has released OpenSSL 3.0, a major new stable version of the popular and widely used cryptography library. What is OpenSSL? OpenSSL contain an open-source …

ransomware
Researchers pinpoint ransomware gangs’ ideal enterprise victims

Researchers with threat intelligence company KELA have recently analyzed 48 active threads on underground (dark web) marketplaces made by threat actors looking to buy access …

Windows
Attackers are exploiting zero-day RCE flaw to target Windows users (CVE-2021-40444)

Attackers are exploiting CVE-2021-40444, a zero-day remote code execution vulnerability in MSHTML (the main HTML component of the Internet Explorer browser), to compromise …

Cisco
Patched: Critical bug with public PoC exploit in Cisco infrastructure virtualization software (CVE-2021-34746)

A critical vulnerability (CVE-2021-34746) that affects Cisco Enterprise NFV Infrastructure Software (NFVIS) has been patched and Cisco is urging enterprise admins to quickly …

Fortress S03 panel
Vulnerabilities allow attackers to remotely deactivate home security system (CVE-2021-39276, CVE-2021-39277)

A DiY home security system sold to families and businesses across the US sports two vulnerabilities (CVE-2021-39276, CVE-2021-39277) that, while not critical, “are …

ransomware
Ransomware gangs target organizations during holidays and weekends

Ransomware gangs may take advantage of upcoming holidays and weekends to hit US organizations, the FBI and the CISA have warned. They don’t have any specific threat …

Sachin Shah
Trends in the OT/ICS security space and what’s to come

In July 2021, Armis appointed Sachin Shah, an Intel veteran of over 21 years, as its new CTO for Operational Technology (OT) and Industrial Control Systems (ICS). In this …

Realtek
Realtek SDK vulnerability exploitation attempts detected (CVE-2021-35395)

Threat actors are attempting to exploit CVE-2021-35395, a group of vulnerabilities in the web interface of the Realtek SDK, to spread Mirai malware to vulnerable IoT devices. …

Microsoft Exchange
ProxyShell vulnerabilities actively exploited to deliver web shells and ransomware

Three so-called “ProxyShell” vulnerabilities are being actively exploited by various attackers to compromise Microsoft Exchange servers around the world, the …

T-Mobile
T-Mobile data breach: New information uncovered by the investigation

In the wake of the recent claims that T-Mobile U.S. has suffered a massive data breach and the consequent industry reactions, the company has shared additional information its …

Fortinet
Unpatched Fortinet FortiWeb vulnerability allows remote OS command injection

An unpatched vulnerability in the management interface for FortiWeb, Fortinet’s web application firewall, could allow a remote, authenticated attacker to execute …

IoT
Critical bug allows remote compromise, control of millions of IoT devices (CVE-2021-28372)

A vulnerability (CVE-2021-28372) in the SDK that allows IoT devices to use ThroughTek’s Kalay P2P cloud platform could be exploited to remotely compromise and control …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools