Vulnerabilities – TFun dot org

Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords

24/09/2021Lisa Vaas

Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came through to credential-trapping domains in clear text. Source: Threatpost.com

Threat Roundup for September 17 to September 24

24/09/2021

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Sept. 17 and Sept. 24. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral… [[ This is only the beginning! Please visit the blog […]

Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN

24/09/2021Tara Seals

Unauthenticated cyberattackers can also wreak havoc on networking device configurations. Source: Threatpost.com

SonicWall Patches Critical Vulnerability in SMA Appliances

24/09/2021Eduard Kovacs

SonicWall has published a security advisory and a security notice to inform customers about a critical vulnerability affecting some of its Secure Mobile Access (SMA) appliances. read more Source: Security Week

Apple Patches 3 More Zero-Days Under Active Attack

24/09/2021Elizabeth Montalbano

One of the bugs, which affects macOS as well as older versions of iPhones, could allow an attacker to execute arbitrary code with kernel privileges. Source: Threatpost.com

Apple Confirms New Zero-Day Attacks on Older iPhones

23/09/2021Ryan Naraine

Apple on Thursday confirmed a new zero-day exploit hitting older iPhones and warned that the security vulnerability also affects the macOS Catalina platform. read more Source: Security Week

5 Tips for Achieving Better Cybersecurity Risk Management

23/09/2021Casey Ellis

Casey Ellis, founder, CTO and chairman of Bugcrowd, discusses a roadmap for lowering risk from cyberattacks most effectively. Source: Threatpost.com

100M IoT Devices Exposed By Zero-Day Bug

23/09/2021Becky Bracken

A high-severity vulnerability could cause system crashes, knocking out sensors, medical equipment and more. Source: Threatpost.com

Improving Security Posture to Lower Insurance Premiums

23/09/2021Kevin Townsend

Cyber insurance is a new branch of an old industry. That industry has centuries of experience in insuring shipping and a hundred or more years of insuring motor cars — but only a few decades of cyber knowledge. It has comparatively little knowledge of either cyber risk or the financial insurance risk – and nobody […]

Web Security Provider Jscrambler Raises $15 Million

23/09/2021Ionut Arghire

Client-side web security provider Jscrambler on Thursday announced that a $15 million Series A financing round led by Ace Capital Partners. Existing investors Sonae IM and Portugal Ventures also participated. read more Source: Security Week