Control Gap Vulnerability Roundup: August 6th to August 12th
This week saw the publication of 576 new CVE IDs. Of those, 80 have not yet been assigned official CVSS scores, however, of the ones that were,...
Welcome to This Week’s [in]Security. PCI and payments: e-com skimmers. New breaches: Malaysia. Kubernetes, TrustStamp. New Ransomware: Countries, Nikkei. Major outages. Follow-ups & Fall-out. Privacy: You for sale, ID.me. Laws & Regs - Canada: Huawei ban, C-11. US: CFAA abuse, AML settlement. World: cybersecurity reporting, platform liability, Standards: NIST 800-140C/D. Defense - Training & events: Tools: Supply chain framework, Browser password vaults. Vulnerabilities - Advisories: Initial access, CISA Vmware & A/D. Zerodays: what APTs know, Mac, iOS. Patching: partial protection, NVIDIA. Other: Spies in the workforce, e-voting, OAuth, SQL persistence, WordPress, Russian CA? Vulnerability research: Bluetooth relay attack, Tesla. Crypto-research: Post-quantum, Telegram. Cybercrime: MSP attacks. FaceStealer, MSSQL brute force, chatbots, exotic languages. Crime & Enforcement, Nation States & mercenaries. Other Risks: Cyber-insurance, Facebook e-com, CitizenLab on Bing. Health, Safety, & Environment. Disinformation, Economy. Russia v. Ukraine. Innovation and more.
This week saw the publication of 576 new CVE IDs. Of those, 80 have not yet been assigned official CVSS scores, however, of the ones that were,...
Welcome to This Week’s [in]Security. PCI FAQs. Crypto-research: the PQC demo derby, more SIDH attacks. New breaches: Twillo, Cisco, Shanghai, ipay88,...
This week saw the publication of 449 new CVE IDs. Of those, 315 have not yet been assigned official CVSS scores, however, of the ones that were,...