cybersecurity

Security | Apr 11, 2022

Is there a 0day in NGINX? F5 investigates claims, finds LDAP issues

NGINX owner F5 says it is investigating hacktivist group's claims...

Security | Apr 07, 2022

Thousands of VMware customers publicly exposed to pre-auth RCE as exploit reproduced

VMware Cloud Foundation, NSX-T, vRealize Suite, VMware Cloud suites, vRealize Automation, vRealize Log Insight all...

Security | Apr 05, 2022

UK's largest Ford dealer confirms Conti ransomware attack

Dealer group without access to internal systems since March.

Security | Apr 04, 2022

Nordex hacked: Wind turbine giant shuts down IT systems globally

€5.4 billion wind turbine firm attacked months after rival Vestas...

Security | Mar 31, 2022

Critical new Spring Framework vulnerability: Millions exposed?

As CVEs allocated, exploits circulate. Get auditing your applications...

Security | Mar 31, 2022

"Misconfigured" VPN used to breach Viasat satellite network, malicious commands wiped modems

Root cause analysis lands...

Security | Mar 30, 2022

"DomAdmins-LastPass.xlsx" incident puts a fresh light on supply chain risk

Material from a horrific data breach earlier this year at a UK company holding the details of thousands of IT contractors revealed that staff were routinely storing credentials in clearly flagged Word or Excel documents -- titled, among other examples, “useful links and passwords”, “passwords”, and “useful passwords”. The Stack&

Security | Mar 29, 2022

A critical Sophos firewall RCE bug is under active attack. Patch now.

Pre-auth RCE has been exploited in the wild...

Security | Mar 29, 2022

Google patches exploited new Chrome 0day

The vulnerability, CVE-2022-1096, also affects other Chromium browsers.

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();