Security researchers have published technical details on a critical Fusion Middleware vulnerability that Oracle took six months to patch.
Researchers: Oracle Took 6 Months to Patch ‘Mega’ Vulnerability Affecting Many Systems
CrowdStrike: Ransomware Actor Caught Exploiting Mitel VOIP Zero-Day
Security researchers at CrowdStrike have stumbled upon ransomware actors deploying zero-day exploits against Mitel VOIP appliances sitting on the network perimeter.
Black Basta Ransomware Becomes Major Threat in Two Months
Hadrian Raises $11 Million for Offensive Security Platform
Offensive security startup Hadrian today announced that it has received €10.5 million ($11 million) in unsolicited seed funding that brings the total invested in the company to $13.7 million.
The investment round was led by HV Capital, with participation from Picus Capital, previous investor Slimmer.AI, and various angel investors.
Codesys Patches 11 Flaws Likely Affecting Controllers From Several ICS Vendors
Codesys this week announced patches for nearly a dozen vulnerabilities discovered in the company’s products by researchers at Chinese cybersecurity firm NSFocus.
US Agencies Warn Organizations of Log4Shell Attacks Against VMware Products
The United States Cybersecurity and Infrastructure Security Agency (CISA) and the Coast Guard Cyber Command (CGCYBER) have issued a joint advisory to warn organizations that threat actors continue to exploit the Log4Shell vulnerability in VMware Horizon and Unified Access Gateway (UAG) servers.
US, UK, New Zealand Issue PowerShell Security Guidance
The US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the National Cyber Security Centres in New Zealand (NZ NCSC) and the United Kingdom (NCSC-UK) have issued joint guidance on the proper configuration and monitoring of PowerShell to eliminate the risk of abuse.
Apple, Android Phones Targeted by Italian Spyware: Google
An Italy-based firm’s hacking tools were used to spy on Apple and Android smartphones in Italy and Kazakhstan, Google said Thursday, casting a light on a “flourishing” spyware industry.
A Year After Death, McAfee’s Corpse Still in Spanish Morgue
The body of software entrepreneur John McAfee remained at a morgue in Spain Thursday a year after his death as a legal case filed by his family, who do not believe he committed suicide, is yet to be resolved.
Biden Signs Two Cybersecurity Bills Into Law
Two bipartisan cybersecurity bills were signed into law on Tuesday, June 21, 2022, by US President Joe Biden: the Federal Rotational Cyber Workforce Program Act of 2021, and the State and Local Government Cybersecurity Act of 2021.