Common Vulnerabilities and Exposures (CVE) stories - Page 15

Sophos has become a Numbering Authority in the Common Vulnerabilities and Exposures programme, enabling it to assign CVE identification to its own products.

The malware has impacted 7% of organisations globally, following a spam campaign which targeted more than 100,000 users per day during the holiday season.

GitHub's 2020 State of the Octoverse report reveals the latest trends in developer activity, including top languages and security vulnerabilities.

Unmitigated vulnerabilities could give an attacker access to the device, enabling the attacker to break encryption, modify code, and run certain commands.

Temi is commonly used in environments including businesses, healthcare, retail, hospitality, and other environments including the home.

Malware exploiting a decade-old Microsoft Office vulnerability has surged by 400%, according to a study by NordVPN.

Manufacturers using Wibu-Systems CodeMeter are urged to update to version 7.10 due to vulnerabilities that could allow attackers to take control of OT networks.

One in three IT environments vulnerable to Ripple20 cyber threat, says ExtraHop. Attackers can exploit 19 vulnerabilities in the Treck networking stack.

The vulnerabilities have the potential to 'ripple' through complex software supply chains, enabling attackers to steal data or execute code.

According to the company's annual mid-year roundup report, Trend Micro blocked 8.8 million COVID-19 related threats, nearly 92% of which were email-based.

Industrial control system (ICS) vulnerabilities are increasing due to remote access, says a report by The Claroty Research Team.

Kaspersky uncovers zero-day exploits in Windows OS and Internet Explorer used in targeted attack, prompting security patches.

Rapid7 has released a report detailing the changing internet risk landscapes of 2020, and other issues facing cybersecurity teams.

Vulnerable VPN servers and clients used in critical industries have been discovered by cybersecurity firm Claroty, potentially leading to security breaches.

A newly discovered vulnerability in DNS resolvers, dubbed NXNSAttack, enables cybercriminals to launch highly amplified DDoS attacks, warns Radware.

Since early January 2020, the number of internet-accessible Cisco ASA devices considered vulnerable has jumped from 170,000 to 220,000.

COVID-19 has reshaped consumer and enterprise behaviour, as revealed by ExtraHop's IoT device analysis, highlighting long-term security risks.

Positive Technologies says it is 'impossible' to detect this kind of key breach, and no firmware updates can fix the vulnerability.

Only 10% of organisations believe they have complete and accurate intelligence over all SSH machine identities.

More than a month after a critical Citrix software flaw endangered 80,000 firms globally, new data reveals 15,000 companies remain at high risk.