Please turn on your JavaScript for this page to function normally.
NAS
NAS devices under attack: How to keep them safe?

Network-attached storage (NAS) devices are a helpful solution for storing, managing, and sharing files and backups and, as such, they are an attractive target for cyber …

printer
Microsoft confirms another Windows Print Spooler bug, offers workaround (CVE-2021-36958)

A day after the August 2021 Patch Tuesday, Microsoft has released an out-of-band security advisory acknowledging the existence of yet another Print Spooler vulnerability …

Firefox
Firefox 91 delivers new security and privacy options

Released on August 10, Firefox 91 delivers HTTPS by Default in Private Browsing mode and an enhanced cookie clearing option. Increased security with HTTPS by Default HTTP over …

GitHub
Allstar app helps enforce security best practices for GitHub projects

Google and the Open Source Security Foundation (OpenSSF) have released Allstar, an app that allows organizations / owners of GitHub repositories to set up security policy …

Patch Tuesday
Microsoft patches actively exploited zero-day (CVE-2021-36948), more Print Spooler flaws

Microsoft’s August 2021 Patch Tuesday is pretty lightweight, through it covers a wide variety of Microsoft solutions. 44 CVE-numbered security holes have been plugged, …

Magento
Adobe fixes security holes in Magento, most of which are critical

Adobe has released security updates to address vulnerabilities in Magento and Adobe Connect. Magento August 2021 security updates Magento is a popular open-source e-commerce …

healthcare
The challenges healthcare CISOs face in an evolving threat landscape

Organizations in the healthcare sector – and especially those engaged in delivering healthcare services – have always been juicy targets for cyber attackers. But …

Pulse Connect Secure VPN
Patch bypass flaw in Pulse Secure VPNs can lead to total compromise (CVE-2021-22937)

The patch for a vulnerability (CVE-2020-8260) in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich …

magnify
Vulnerable TCP/IP stack is used by almost 200 device vendors

Researchers have discovered 14 new vulnerabilities affecting the proprietary NicheStack (aka InterNiche) TCP/IP stack, used in OT devices such as the extremely popular Siemens …

Office 365
A clever phishing campaign is targeting Office 365 users

Microsoft is warning about an ongoing, “sneakier than usual” phishing campaign aimed at Office 365 users. An active phishing campaign is using a crafty combination …

Swisslog Healthcare's Translogic pneumatic tube system
Critical vulnerabilities may allow attackers to compromise hospitals’ pneumatic tube system

Armis researchers have unearthed critical vulnerabilities in Swisslog Healthcare’s Translogic pneumatic tube system, which plays a crucial role in patient care in more …

CISA
CISA launches US federal vulnerability disclosure platform

Bug hunters who want to help the US federal government secure their online assets can now source all the relevant information from a vulnerability disclosure policy (VDP) …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools