Security News

A set of high-severity privilege-escalation vulnerabilities affecting Business Process Automation application and Cisco's Web Security Appliance and could allow authenticated, remote attackers to access sensitive data or take over a targeted system. The first two bugs exist in the web-based management interface of the Cisco Business Process Automation, which is used to streamline various IT processes.

ADVA launched an optical transport solution secured by post-quantum cryptography. The FSP 3000 ConnectGuard optical encryption solution now protects data against cyberattacks from quantum computers that could break today's cryptographic algorithms.

Armis released new data uncovering the lack of knowledge and general awareness of major cyberattacks on critical infrastructure and an understanding of security hygiene. The survey of over 2,000 respondents from across the United States found that end users are not paying attention to the major attacks plaguing operational technology and critical infrastructure across the country, signaling the importance of businesses prioritizing a focus on security as employees return to the office.

Most of one of Sweden's leading supermarket chains' 800 shops remained closed on Monday, three days after they were indirectly affected by the cyberattack targeting US company Kaseya. On Friday, a hacking attack indirectly hit the supermarket chain, paralysing all its cash registers and forcing the company to temporarily close nearly all its shops across the country.

Qurium Media Foundation has reported a campaign of DDoS attacks on Filipino media outlets and human rights organisations that appear to be coming from the country's Department of Science and Technology and Army. "During the past month, Qurium has received brief but frequent denial attacks against the Philippine alternative media outlets Bulatlat and AlterMidya, as well as the human rights group Karapatan," said the Swedish digital rights, data protection, and internet security NGO in its online report.

The transition to EHRs has made ransomware and data-theft attacks far more costly and damaging for healthcare institutions. Researchers have found that Ryuk ransomware is increasingly targeting RDPs, particularly in the healthcare sector.

No sensitive information was compromised in a ransomware attack last month on the state agency that provides ferry service between mainland Massachusetts and the islands of Martha's Vineyard and Nantucket. "After a rigorous evaluation of our systems, this investigation has now concluded and the cybersecurity investigators have confirmed that no sensitive information, including customer data or payment information, was viewed or downloaded during this incident," the Woods Hole, Martha's Vineyard and Nantucket Steamship Authority announced in a statement Wednesday.

In order to protect themselves and your business against phishing campaigns, malware and other types of attacks, your workers should have a certain awareness of cyber incidents and more importantly security best practices. Automatically expecting your fellow workers to become knowledgeable enough about cybersecurity to help combat attacks is foolhardy, unless you provide them with the right training.

A televised phone-in with Russian President Vladimir Putin Wednesday was targeted by "Powerful" cyberattacks, the state-run Rossiya 24 network which broadcast the event said. Shown on Kremlin-friendly media, the annual session with Putin sees the president field in real time queries submitted by Russians throughout the country.

SonicWall announced three new high-performance firewall models for enterprises and large organizations - NSa 4700, NSa 6700 and NSsp 13700 - designed to accelerate network throughput, stop advanced cyberattacks like ransomware, and securely connect millions of users. The new SonicWall NSa 4700 and NSa 6700 next-generation firewalls deliver 18 and 36 Gbps of firewall throughput - three times the previous comparable SonicWall appliances.