All the latest blog posts from the most relevant cyber security companies in the business.

It’s more difficult than ever to protect our infrastructure, government, and businesses from becoming victims of well-funded, skilled adversaries. From the Log4j vulnerability to the SolarWinds hack to the Colonial Pipeline cyberattack, organizations are more vulnerable to cyberattacks than ever before. In fact, 87% of enterprises across 11 countries have fallen victim to cyberattacks in…

Meant to provide significantly reduced power consumption and costs at communication ranges similar to those provided by Bluetooth, BLE is used for a broad range of applications in sectors such as automotive, healthcare, security, home entertainment, and more. BLE proximity authentication is typically to unlock or keep unlocked products such as cars, smart locks, access…

The flaw, tracked as CVE-2022-30525, affects ATP, VPN and USG FLEX series firewalls. The vulnerability can be exploited by a remote, unauthenticated attacker for arbitrary code execution as the “nobody” user. The affected products are recommended for businesses and they provide VPN, SSL inspection, intrusion protection, web filtering and email security capabilities. The Shodan search…

Also referred to as APT35, Magic Hound, NewsBeef, Newscaster, Phosphorus, and TA453, the advanced persistent threat (APT) actor is known for the targeting of activists, government organizations, journalists, and various other entities. In November 2021, a joint advisory from government agencies in the US, UK, and Australia warned of Iranian state-sponsored attacks targeting critical infrastructure…

If you’re concerned about the increased threat of cyberattacks by state-sponsored hackers and hacktivist groups in the current geopolitical atmosphere, you’re certainly justified. Criminal groups are emerging from the shadows and pledging their allegiance to Russia. They’re conducting reconnaissance attacks and coalescing into the roles they’ll play in the global cyberwar many see on the…

Siemens has released 12 advisories covering 35 vulnerabilities. Based on CVSS scores, the most important advisory covers 11 flaws affecting the web server of SICAM P850 and P855 devices. One of these bugs is critical and it allows an unauthenticated attacker to execute arbitrary code or launch a denial-of-service (DoS) attack. The five high-severity vulnerabilities…