Company size doesn’t matter when it comes to cyberattacks
65% of organizations in the enterprise sector suffered a cyberattack within the last 12 months, which is similar to the results among companies of all sizes (68%), according to Netwrix.…
Digital nomads drive changes in identity verification
Over the past year, 4 in 5 financial companies had experienced an increase in the number of verification cases involving foreign documents, according to Regula. The post Digital nomads drive…
Industrial automation giant ABB disclosed data breach after ransomware attack
Swiss electrification and automation technology giant ABB confirmed it has suffered a data breach after a ransomware attack. ABB has more than 105,000 employees and has $29.4 billion in revenue…
New Bandit Stealer targets web browsers and cryptocurrency wallets
Bandit Stealer is a new stealthy information stealer malware that targets numerous web browsers and cryptocurrency wallets. Trend Micro researchers discovered a new info-stealing malware, dubbed Bandit Stealer, which is…
CISA adds recently patched Barracuda zero-day to its Known Exploited Vulnerabilities catalog
US CISA added recently patched Barracuda zero-day vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a recently patched Barracuda zero-day vulnerability to its Known…
5/26-28/2023
Italy’s Industry Ministry Reports ‘Heavy’ Cyberattack Senegalese Government Websites Hit With Cyber AttackIsraeli Cyber Company NSO Group Has New Ownership After U.S. BlacklistPortugal Moves Closer to Banning Chinese Suppliers From…
CVE-2023-23301
The `news` MonkeyC operation code in CIQ API version 1.0.0 through 4.1.7 fails to check that string resources are not extending past the end of the expected sections. A malicious…
CVE-2023-23302
The `Toybox.GenericChannel.setDeviceConfig` API method in CIQ API version 1.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. A malicious application could…
CVE-2023-23303
The `Toybox.Ant.GenericChannel.enableEncryption` API method in CIQ API version 3.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. A malicious application could…
CVE-2023-23304
The GarminOS TVM component in CIQ API version 2.1.0 through 4.1.7 allows applications with a specially crafted head section to use the `Toybox.SensorHistory` module without permission. A malicious application could…