SonicWall Patches Y2K22 Bug in Email Security, Firewall Products
Cybersecurity firm SonicWall says it has released patches for some of its email security and firewall products to address a bug that resulted in failed junk box and message log updates.
WordPress 5.8.3 Patches Several Injection Vulnerabilities
WordPress 5.8.3, a security release that became available last week, patches four injection-related vulnerabilities.
Two of the flaws are SQL injections — one affects WP_Meta_Query (discovered by Ben Bidner of the WordPress security team) and one affects WP_Query (discovered by ngocnb and khuyenn of GiaoHangTietKiem JSC).
Indian Cyberspies Expose Their Operation After Infecting Themselves With RAT
The India-linked threat actor tracked as Patchwork was observed employing a new variant of the BADNEWS backdoor in a recent campaign, but the hackers also infected one of their own computers, giving researchers a glimpse into their operations.
QNAP Urges Users to Secure NAS Devices as Attacks Surge
Taiwan-based QNAP Systems on Friday warned users of an increase in attacks targeting network-attached storage (NAS) appliances, urging them to secure their devices as soon as possible.
Zloader Banking Malware Exploits Microsoft Signature Verification
The aggressive Zloader banking malware campaign is exploiting Microsoft’s digital signature verification method to inject code into a signed system DLL, according to researchers at Check Point.
VMware Plugs Security Holes in Workstation, Fusion and ESXi
VMware this week shipped security updates for its Workstation, Fusion and ESXi product lines, warning that a heap-overflow vulnerability could expose users to code execution attacks.
Recorded Future Acquires SecurityTrails in $65M Deal
With eyes firmly set on the booming attack surface management space, threat intel powerhouse Recorded Future is shelling out $65 million to purchase SecurityTrails, a startup that helps organizations keep track of internet-facing assets.
ICS Vendors Respond to Log4j Vulnerabilities
Biometric Face Authentication Firm iProov Takes $70M Investment
iProov, a provider of online biometric face authentication, announced on Thursday that it has received a $70 million growth investment from Sumeru Equity Partners.
