Security News > 2021 > August > Week in review: ProxyShell and Realtek SDK vulnerabilities exploitation, automated pentesting

Realtek SDK vulnerability exploitation attempts detectedThreat actors are attempting to exploit CVE-2021-35395, a group of vulnerabilities in the web interface of the Realtek SDK, to spread Mirai malware to vulnerable IoT devices.

ProxyShell vulnerabilities actively exploited to deliver web shells and ransomwareThree so-called "ProxyShell" vulnerabilities are being actively exploited by various attackers to compromise Microsoft Exchange servers around the world, the Cybersecurity and Infrastructure Security Agency warned.

ICS vulnerabilities disclosed in H1 2021 rose by 41%Industrial control system vulnerability disclosures are drastically increasing as high-profile cyberattacks on critical infrastructure and industrial enterprises have elevated ICS security to a mainstream issue, according to a report released by Claroty.

Why automated pentesting won't fix the cybersecurity skills gapThe security talent gap is not getting any smaller and people are coming up with some outlandish ideas for closing it.

Hybrid work: How do you secure every identity on your network?In this interview with Help Net Security, Ben King, Chief Security Officer EMEA / APAC, Okta, talks about the authentication challenges related to hybrid working environments, the state of passwordless authentication, and much more.

What is the HIPAA Security Rule? Three safeguards to have in placeTwo notable rules were added to HIPAA: the Privacy Rule, to help cover the physical security of PHI, and the Security Rule, to safeguard electronic protected health information.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/S0KGYes5t-0/