Summary
Cisco has published one security advisory. The advisory is rated as Medium and deals with twelve vulnerabilities in the 802.11 standard, which were disclosed in the research paper "Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation."
Threat Type
Vulnerability
Overview
Cisco has published one security advisory. The advisory is rated as Medium and deals with twelve vulnerabilities in the 802.11 standard, which were disclosed in the research paper "Fragment and Forge: Breaki
Summary
Following the DarkSide ransomware attack on Colonial Pipeline, IBM Security X-Force has released a report providing a summary of the ransomware family, its tactics, techniques, and procedures (TTPs), and attribution.
Threat Type
Ransomware
Overview
IBM Security X-Force has published a report providing an overview of the DarkSide ransomware. The ransomware first appeared in August 2020 and is capable of encrypting Windows and Linux systems. DarkSide uses a "ransomware-as-a-service" (RaaS) model where
Summary
SAP has released its May 2021 security patches for a variety of products. Each product and a link to details on the vulnerability are listed below. In all, 6 security notes were released. Of these, 3 are rated high, 2 are rated as medium, and 1 is rated as low. Additionally, there 5 are updates to previously released patches. The potential impact from successful exploitation of the most serious vulnerability is code injection. In addition, information disclosure, malicious redirection, and other nef
Summary
The ICS-CERT has published fifteen advisories that affect Omron CX-One, Mitsubishi Electric GOT and Tension Controller, and a number of Siemens products.
Threat Type
Vulnerability
Overview
The ICS-CERT has published fifteen advisories that affect Omron CX-One, Mitsubishi Electric GOT and Tension Controller, and a number of Siemens products. Further information is available from the advisories which are summarized below.
ICS Advisory ICSA-21-131-01 - Omron CX-One
CVE-2021-27413 - The affected product
By the time you read this post, the 2021 Verizon Data Breach Investigation Report (DBIR) will be published. Akamai has been one of the many partners contributing data to this report for more than half a decade. We greatly value the time, effort, and dedicated data science that goes into providing this level of research to the security community.
Akamai employees across the globe showed up in full force for Akamai Earth Month 2021 -- our campaign to help employees take small actions at home and in their community to make a difference for the planet.
Summary
For the month of May, Microsoft has published 55 bulletins. Of the bulletins, 4 are rated as Critical, 50 are rated as Important, and 1 is rated as Moderate. None of the vulnerabilities are reported to have been exploited in the wild.
Threat Type
Vulnerability
Overview
For the month of May, Microsoft has published 55 bulletins. Of the bulletins, 4 are rated as Critical, 50 are rated as Important, and 1 is rated as Moderate. None of the vulnerabilities are reported to have been exploited in the wild.
Summary
Researchers from Netlab 360 discover a new backdoor they have named RotaJakiro, targeting Linux x64 systems. The backdoor uses rotate encryption for it's communications and implements different persistence features depending on whether the user has root privileges or not.
Threat Type
Malware, Backdoor, Data Theft, APT
Overview
A new Linux backdoor family, named RotaJakiro, has been discovered by researchers from Netlab at 360. The backdoor uses rotate encryption for it's communications and implement
Summary
Trend Micro researchers have discovered a botnet malware campaign that makes use of TOR network proxies to download files, abuses infrastructure-as-code (IaC) tools for malware spreading, and installs a cryptocurrency miner.
Threat Type
Malware, Botnet, Cryptomining
Overview
A botnet malware campaign discovered by Trend Micro researchers is making use of TOR proxies to download files including non-malicious binaries it may not find on the victim host but needs in order to carry out its deeds. The ma
Summary
Adobe has released twelve security updates. The updates are for Acrobat and Reader, After Effects, Animate, Creative Cloud Desktop Application, Experience Manager, Genuine Service, Illustrator, InCopy, InDesign, Magento, Media Encoder, and Medium. Ten of the updates address at least one vulnerability rated by Adobe as Critical. One of the vulnerabilities addressed in the Acrobat and Reader updates is reported as having been exploited in the wild.
Threat Type
Vulnerability
Overview
Adobe has released