SEARCH
SAP Fixes Three High-Severity Flaws
The most severe flaw stems from password requirements not being checked in some features of SAP’s NetWeaver Java User Management Engine.
Hospital IT Help Desks Hit With Social Engineering Attacks
The U.S. Department of Health and Human Services is warning of "sophisticated" social engineering attacks on hospital IT help desks that aim to gain access to employees' email accounts.
New Starry Addax Threat Actor Targets Victims With Android Malware
A newly identified threat group known as Starry Addax is targeting human rights activists and others in western Africa with novel Android malware called FlexStarling.
3 Things We Still Don’t Know About the XZ Backdoor
The XZ Utils backdoor was a very subtle operation that took several years to pull off, and while some of the technical details are known, there is plenty we still don't know. Dennis Fisher and Lindsey O'Donnell-Welch talk about the unknowns and what if anything could have been done to prevent this from happening.
Ivanti Patches New Flaws as Exploits Continue Against Older Ones
Ivanti has released patches for four new vulnerabilities in its Connect Secure and Policy Secure appliances, as Mandiant said it has seen eight separate groups exploiting some older flaws in those devices.