As a business owner, you know how important it is to keep your business data safe and secure. Perhaps you have already even invested in cybersecurity solutions such as antivirus platforms and ﬁrewalls. But, do you have a password management system?
Adobe has released security patches for vulnerabilities now resolved in seven of its products. The impacted software is Photoshop, Illustrator, Animate, Bridge, InCopy, Captivate, and Campaign Classic.
On Dec. 13, the cyber community observed one of the most significant cybersecurity events of our time, impacting both commercial and government organizations worldwide.
This Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC).
The Trend Micro InterScan Web Security Virtual Appliance (IWSVA) is affected by multiple critical security issues. Unauthenticated attackers are able to gain root access to the appliance via chained attack vectors, such as CSRF protection bypass, authorization & authentication bypass, and more.
Microsoft has published 58 security fixes across 10+ products and services, as part of the company's monthly batch of security updates, known as Patch Tuesday. More than a third of these patches (22) are classified as remote code execution (RCE) vulnerabilities.
Business Email Compromise (BEC) scammers are exploiting web-based email clients’ autoforwarding rules to intersect financial transactions.
Microsoft released patches for 112 unique common vulnerabilities and exposures (CVEs), 17 of which were considered critical.
Apple has patched the three zero-day vulnerabilities with latest release of iOS 14.2. Human Operated ransomware RansomeEXX's Operators developed new ELF executable to infect Linus based operating systems.
Google has rolled out an update to its Chrome web browser that fixes five security flaws, including a vulnerability that is known to be actively exploited by attackers.
A Tennessee firm that provides health data management services has agreed to pay the United States Office for Civil Rights (OCR) $2.3m to settle charges related to a data breach. The healthcare industry is a known target for hackers and cyberthieves.
Hospital patients have been warned that data that was on the Blackbaud systems affected by the cyber-attack may have included their name, date of birth, address, contact information, attending doctor, insurance provider, and medical service department.
According to security researchers, millions of WordPress sites are being probed in automated attacks looking to exploit a recently discovered plugin vulnerability. Wordfence, which produces a plugin for the platform, revealed news of the zero-day bug at the start of September.
A cyber attack has shut down virtual classes in a Los Angeles school district two weeks after the FBI issued a cybersecurity warning to schools offering online learning.
Researchers have once again spotted crooks using calendar invitations to mount phishing attacks. The Cofense Phishing Defense Center found the attack in enterprise email environments protected by Proofpoint and Microsoft, it announced last week.