Pierluigi Paganini
July 28, 2022
ENISA published a report that includes anonymised and aggregated information about major telecom security incidents in 2021. ENISA published a report that provides anonymized and aggregated information about major telecom security incidents in 2021. Every European telecom operator that suffers a security incident, notifies its national authorities which share a summary of these reports to […]
Pierluigi Paganini
July 26, 2022
The U.S. State Department increased rewards for information on any North Korea-linked threat actors to $10 million. In April 2020, the U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation released a joint advisory that is warning organizations worldwide about the ‘significant cyber threat’ posed by the North Korean nation-state actors […]
Pierluigi Paganini
July 25, 2022
Drupal development team released security updates to fix multiple issues, including a critical code execution flaw. Drupal developers have released security updates to address multiple vulnerabilities in the popular CMS: Drupal core – Moderately critical – Multiple vulnerabilities – SA-CORE-2022-015 Drupal core – Critical – Arbitrary PHP code execution – SA-CORE-2022-014 Drupal core – Moderately […]
Pierluigi Paganini
July 24, 2022
North Korea-linked APT37 group targets high-value organizations in the Czech Republic, Poland, and other countries. Researchers from the Securonix Threat Research (STR) team have uncovered a new attack campaign, tracked as STIFF#BIZON, targeting high-value organizations in multiple countries, including Czech Republic, and Poland. The researchers attribute this campaign to the North Korea-linked APT37 group, aka […]
Pierluigi Paganini
July 23, 2022
Security company SonicWall released updates to address a critical SQL injection (SQLi) flaw in Analytics On-Prem and Global Management System (GMS) products. Security company SonicWall addressed a critical SQL injection (SQLi) vulnerability, tracked as CVE-2022-22280 (CVSS score 9.4), in Analytics On-Prem and Global Management System (GMS) products. “Improper Neutralization of Special Elements used in an […]
Pierluigi Paganini
July 22, 2022
Starting with Windows 11 Microsoft introduce by default an account lockout policy that can block brute force attacks. Starting with Windows 11 Insider Preview build 22528.1000 the OS supports an account lockout policy enabled by default to block brute force attacks. The lockout policy was set to limit the number of failed sign-in attempts to […]
Pierluigi Paganini
July 21, 2022
Atlassian released security updates to address a critical security vulnerability affecting Confluence Server and Confluence Data Center. Atlassian released security updates to address a critical hardcoded credentials vulnerability in Confluence Server and Data Center tracked as CVE-2022-26138. A remote, unauthenticated attacker can exploit the vulnerability to log into unpatched servers. Once installed the Questions for Confluence […]
Pierluigi Paganini
July 21, 2022
Apple released security updates to address multiple vulnerabilities that affect iOS, iPadOS, macOS, tvOS, and watchOS devices. Apple released security updates to fix 37 vulnerabilities impacting iOS, iPadOS, macOS, tvOS, and watchOS devices. The flaws addressed by Apple lead to arbitrary code execution, privilege escalation, denial-of-service (DoS), and information disclosure. Below is the list of Apple […]
Pierluigi Paganini
July 18, 2022
Researchers published an analysis of the Windows remote code execution vulnerability CVE-2022-30136 impacting the Network File System. Trend Micro Research has published an analysis of the recently patched Windows vulnerability CVE-2022-30136 that impacts the Network File System. CVE-2022-30136 is a remote code execution vulnerability that resides in the Windows Network File System, it is due […]
Pierluigi Paganini
July 17, 2022
Google is going to remove the app permissions list from the official Play Store for both the mobile app and the web. As part of the “Data safety” initiative for the Android app on the Play Store, Google plans to remove the app permissions list from both the mobile app and the web. In April, […]
