Oracle is preparing the release of nearly 500 new security patches with its Critical Patch Update (CPU) for January 2022.
Oracle to Release Nearly 500 New Security Patches
Safari 15 Vulnerability Allows Cross-Site Tracking of Users
A vulnerability in Apple’s implementation of the IndexedDB API in Safari 15 allows websites to track users’ activity on other sites and even to reveal their identity, browser fingerprinting and fraud detection firm FingerprintJS explains.
Critical SAP Vulnerability Allows Supply Chain Attacks
A critical vulnerability addressed recently in SAP NetWeaver AS ABAP and ABAP Platform could be abused to set up supply chain attacks, SAP security solutions provider SecurityBridge warns.
Cybersecurity M&A Roundup for January 1-16, 2022
Personal Information Compromised in Goodwill Website Hack
Nonprofit organization Goodwill has started notifying users of its ShopGoodwill.com e-commerce platform that their personal information was compromised as a result of a cybersecurity breach.
Microsoft Uncovers Destructive Malware Used in Ukraine Cyberattacks
Newly detected WhisperGate malware being used by previously unknown threat group in cyberattacks against Ukraine
Russian Court Remands Hackers in Custody
A Moscow court on Saturday remanded eight hackers in custody for two months as Russia cracks down on the REvil cybercrime group at Washington’s request.
Ukraine Says Has ‘Evidence’ Russia Behind Cyberattack
Ukraine said Sunday it had “evidence” that Russia was behind a massive cyberattack that knocked out key government websites this past week, while Microsoft warned the hack could be far worse than first thought.
Ukraine Hacks Add to Worries of Cyber Conflict With Russia
Hackers on Friday temporarily shut down dozens of Ukrainian government websites, causing no major damage but adding to simmering tensions while Russia amasses troops on the Ukrainian border. Separately, in a rare gesture to the U.S. at a time of chilly relations, Russia said it had arrested members of a major ransomware gang that targeted U.S. entities.
Details Published on AWS Flaws Leading to Data Leaks
Researchers at cloud security startup Orca Security have publicly documented a pair of vulnerabilities in AWS CloudFormation and AWS Glue that attackers could use to leak sensitive files or access other customers’ data.
