Security News

Network security company SonicWall on Friday rolled out fixes to mitigate a critical SQL injection vulnerability affecting its Analytics On-Prem and Global Management System products. The vulnerability, tracked as CVE-2022-22280, is rated 9.4 for severity on the CVSS scoring system and stems from what the company describes is an "Improper neutralization of special elements" used in an SQL command that could lead to an unauthenticated SQL injection.

Customers of automaker General Motors and wedding planning company Zola have had customer accounts compromised through credential stuffing, and the criminals have used the access to redeem gift cards. Credential stuffing is a type of attack aimed at hijacking accounts.

Car manufacturer General Motors has confirmed the credential stuffing attack it suffered last month exposed customers' names, personal email addresses, and destination data, as well as usernames and phone numbers for family members tied to customer accounts. Other more personal information, including social security and credit card and bank account numbers, as well as drivers license data are not stored in customers' GM accounts and were not laid bare, GM officials said in a letter [PDF] sent to customers this month.

US car manufacturer GM disclosed that it was the victim of a credential stuffing attack last month that exposed some customers' information and allowed hackers to redeem rewards points for gift cards. Car owners can redeem GM rewards points towards GM vehicles, car service, accessories, and purchasing OnStar service plans.

Accelerating its push to aggressively grow global deployments and its market presence worldwide, NanoLock Security expanded its executive team to add deep utilities and security expertise with several new appointments including David Stroud who has joined NanoLock as GM of Europe and APAC. Stroud, who will be based in NanoLock's UK office, is an industry-recognized leader with over 15 years of deep international experience, along with direct expertise in the energy and metering sector - including through his successful tenure as executive director of EDMI Europe, a leading smart metering solution provider, and as general manager of Advanced Metering Services, New Zealand's largest metering provider. Stroud's presence in Europe and his highly relevant knowledge of this market will enable NanoLock to pursue further strategic partnerships in Europe and APAC with utilities and manufacturers.

ArchTIS announced the company is expanding its presence across Europe, Middle East and Africa with the appointment of Pete Smith as the Vice President and General Manager of EMEA, based in London, United Kingdom and the creation of a new UK corporate subsidiary. In addition to the appointment of Smith as the regional VP and GM, archTIS expects to finalise the formation of a UK corporate subsidiary in the coming week, which will formalise the Company's regional presence and support existing sales operations in the EMEA region, while bolstering the company's existing channel footprint across the region which includes channel partners in Ireland, South Africa, Germany and the Middle East.

Cohesity announced it has named Richard Gadd as vice president and general manager, EMEA sales with immediate effect. A proven technology sales and business development leader with almost three decades of experience in EMEA, Gadd will manage the company's business and sales operations throughout the region.

Bishop Fox announced the appointment of accomplished industry executive, Patty Wright, as senior vice president and general manager of consulting. Wright reports to Bill Carroll, Bishop Fox's chief operations officer.

AttackIQ announced that Ross Brewer has been promoted to General Manager and Vice President of Europe, Middle East and Africa and Asia Pacific Japan regions. Today, more than 9,000 students in 100 countries across EMEA and APJ are continuing their cybersecurity education with AttackIQ Academy.

Cloudflare announced the appointment of Jonathon Dixon as Vice President and General Manager, Asia Pacific, bringing with him more than 20 years of enterprise leadership experience in the IT industry, working for companies including IBM, Cisco and Amazon Web Services. Today, Cloudflare's global network spans more than 200 cities in more than 100 countries, including 44 cities across Asia Pacific.