Seedworm havocs MiddleEast Telecoms
A cyberespionage campaign targeting telecoms operators, IT services organizations, and a utility company in the Middle East and other parts of Asia has been linked to the Iran-nexus advanced APT…
SAP Patches Log4j in its Apps
SAP identified a total of 32 applications affected by CVE-2021-44228, a critical vulnerability in the Apache Log4j Java-based logging tool, and has already shipped patches for 20 of them, while…
IIS Module Malvertised to Steal Microsoft Exchange Credentials
Threat actors are installing a malicious IIS web server module named 'Owowa' on Microsoft Exchange Outlook Web Access servers to steal credentials and execute commands on the server remotely. Owowa…
Posted inSecurity
Log4J Exploit Mitigation Incomplete !
A second vulnerability involving Apache Log4j was found after experts spent days attempting to patch or mitigate CVE-2021-44228. The description of the new vulnerability, CVE 2021-45046, says the fix to…
Tufin Security Policy Builder App
Tufin has released Tufin Security Policy Builder (SPB) App, to automate the design of corporate security access policies across the hybrid environment, reducing the complexity and time it takes to…
LogMeIn Separates LastPass as Independent Company
LogMeIn announced that it plans to spin off its password manager LastPass as a separate company to allow LastPass to increase focus, investment, and support for its business. LastPass was…
Posted inSecurity
Microsoft Patch Tuesday December 2021
Microsoft patched 67 CVEs in the December 2021 Patch Tuesday release, including seven rated as critical, and 60 rated as important. This month’s update includes patches for: AppsASP.NET Core &…