Oracle releases emergency update for RCE flaw in Oracle WebLogic
CVE-2020-14750 is related to another WebLogic vulnerability patched as part of the October 2020 Critical Patch Update, which is already being targeted by cybercriminals.
Cybersecurity News - Page 342
UK watchdog fines Marriott International £18.4m over customer data breach
The penalty only relates to the breach from March 25, 2018, when new rules under the General Data Protection Regulation came into effect.
Feds explain how Iranian hackers obtained US voter registration data
The attacks involved exploitation of known vulnerabilities, directory traversal, SQL injection, web shell uploads, and unique flaws in websites.
Google exposes Windows zero-day vulnerability actively exploited in the wild
Attackers are using the zero-day Windows flaw together with separate bug in Chrome, which Google already fixed last month.
Vulnerability summary for the week: October 30, 2020
A weekly vulnerability digest.
Hackers are on the hunt for Oracle WebLogic servers vulnerable to CVE-2020-14882
The vulnerability allows unauthenticated attackers to take over the system by sending a simple HTTP GET request.
US Cyber Command provides info on malware implants used in attacks against parliaments, embassies
US authorities shared details on the ComRAT malware and the Zebrocy backdoor used by Russia-linked Turla and APT 28 hacker groups.
Maze ransomware gang prepares for shut down
The Maze group had stopped encrypting new victims in September 2020, and is now trying to get the last payments from their victims.
Iranian hackers targeted “high profile” security conference attendees
The attacks involved spoofed emails with invitations ostensibly sent from organizers of the Munich Security Conference and the Think 20 Summit in Saudi Arabia.
US authorities warn of a global North Korean cyber espionage operation
The group is focused on gathering intelligence on foreign policy and national security issues related to the Korean peninsula.
Showing elements 3411 - 3420