-
Businesses urged to remain vigilant as Log4Shell issues persist one year onNews Thousands of businesses globally were targeted within just days of the vulnerability disclosure
News -
China-backed hackers take down Amnesty International Canada for three weeksNews Cyber security experts linked state-sponsored APTs to the tools and methodology of the attack, which may have been intended as a covert campaign
News -
US seizes millions in stolen COVID relief funds by China-backed hackersNews APT41 had stolen at least $20 million intended for small businesses, but this is a drop in the water compared to the total lost
News -
Defra's legacy software problem 'threatens' UK gov cyber security until 2030News The department spends over two-thirds of its digital budget on maintaining the risky applications, with no plan in place for a fix within the decade
News -
Hyundai vulnerability allowed remote hacking of locks, engineNews Researchers discovered flaws in a number of apps linked to car brands that allowed for personal details and remote control of vehicles using easily-obtained IDs
News -
NSA: Phase out memory-unsafe languages like C and C++News The US agency advises organisations to begin using languages like Rust, Java, and Swift
News -
Lenovo patches ThinkPad, Yoga, IdeaPad UEFI secure boot vulnerabilityNews Mistakenly used drivers could allow hackers to modify the secure boot process
News -
GitHub launches private vulnerability reporting to secure the software supply chainNews The new platform aims to simplify vulnerability disclosure and minimise instances where researchers avoid reporting out of personal convenience
News -
OpenSSL 3.0 vulnerability: Patch released for security scareNews The severity has been downgraded from 'critical' to 'high' and comparisons to Heartbleed have been quashed
News -
Major security exploits expected to rise before New YearNews Supply chain attacks are also expected to increase, along with affiliate programmes becoming more popular
News -
Second-ever OpenSSL critical vulnerability teased, 10 years after HeartbleedNews All OpenSSL versions beyond 3.0 are at risk, with more details due to be released alongside a patch on 1 November
News -
Apple patches actively exploited iPhone, iPad zero-day and 18 other security flawsNews The out-of-bounds write error is the eighth actively exploited zero-day impacting Apple hardware this year and could facilitate kernel-level code execution
News
