Author: Admin

Facilities in the sector saw an average of 1,739 attacks per organization each week last month, according to Check Point Research. Image: seksan Mongkhonkhamsao/Moment/Getty Images Cybercriminals tend to target organizations and industries that they know are vulnerable. That’s especially true given the repercussions of the coronavirus pandemic and the move to remote work. A report published Wednesday by cyber threat intelligence provider Check Point Research looks at the latest wave of cyberattacks against educational and…

During a recent client engagement, the DGC penetration testing team identified a previously unknown vulnerability affecting the Autodesk Licensing Service, a software component bundled with nearly all licensed Autodesk products. The vulnerability exists in a software component common to most Autodesk products and impacts nearly all organizations using licensed Autodesk software in any capacity. The Common Vulnerabilities and Exposures number is CVE-2021-27032, Autodesk Licensing Service: Local Privilege Escalation. Because these software products are so widely…

The average cost of phishing for large US organizations has soared by 289% over the past six years, with firms now losing nearly $15m annually, according to Proofpoint. The security vendor commissioned the Ponemon Institute to poll nearly 600 IT and IT security practitioners to compile its latest Cost of Phishing study. It revealed that the average large US organization loses $14.8m per year to phishing-related cybercrime, up from $3.8m in 2015 and calculated at…

Security researchers have found yet another critical IoT supply chain vulnerability affecting millions of devices, which could enable attackers to eavesdrop on real-time camera feeds. Mandiant revealed the CVE-2021-28372 bug yesterday after reporting it to the Cybersecurity and Infrastructure Security Agency (CISA). It affects devices using the “Kalay” platform from Taiwanese firm ThroughTek, which makes software for OEMs to use in IP cameras, baby and pet monitoring cameras, digital video recorders (DVRs) and more. Although Mandiant…

A vulnerability in BlackBerry’s QNX Real-Time Operating System (RTOS) could pose a serious security risk to critical infrastructure providers, the US government has warned. Microsoft first discovered the so-called “BadAlloc” flaws in April. These remote code execution (RCE) bugs cover over 25 CVEs and take the form of integer overflow or wraparound vulnerabilities, it said at the time. The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert warning that the QNX RTOS is vulnerable to one of…