eCommerce News Asia logo
The latest digital commerce news for Asian businesses

Security vulnerabilities stories

Story image
Secure Code Warrior
Secure Code Warrior announces Coding Labs innovation
This week
Coding Labs mechanisms allow developers to move from learning to applying secure coding knowledge more efficiently, leading to fewer code vulnerabilities.
Story image
Phishing
Vectra Protect team finds Microsoft Teams vulnerability
This week
The Vectra Protect team identified a post-exploitation opportunity in August, allowing malicious actors to steal valid user credentials from Microsoft Teams.
Story image
Security vulnerabilities
Claroty finds seven vulnerabilities in Dataprobe iBoot-PDU
This week
The Claroty research team (Team82) has found seven vulnerabilities in Dataprobe's iBoot-PDU, the company's intelligent power distribution unit product.
Story image
Cybersecurity
Apathetic Kiwis a mouthwatering prospect for cybercriminals
This month
The most significant and most exploited cybersecurity vulnerability of any New Zealand organisation is its people.
Story image
Cybersecurity
Internet of Things vulnerability disclosures grew 57%
Last month
Vulnerability disclosures impacting IoT devices increased by 57% in the first half of 2022 compared to the previous six months.
Story image
Check Point Software
Check Point Research finds vulnerabilities in Xiaomi's mobile payment mechanism
Last month
Check Point Software's research teams have uncovered vulnerabilities in Xiaomi's mobile payment mechanism.
Story image
Cloud Security
Tenable makes additions to Cloud Security portfolio
Last month
Tenable has announced additions to Tenable Cloud Security that represent the next step in assessing threats related to cloud vulnerabilities.
Story image
Security vulnerabilities
Flashpoint says vulnerability disclosure ‘highly volatile’
July 2022
Flashpoint has released The State of Vulnerability Intelligence: 2022 Midyear Edition, finding that the current state of the vulnerability disclosure landscape is ‘highly volatile’.
Story image
Palo Alto Networks
New study reveals opportunistic behaviour of cyber criminals
July 2022
"Ransomware attackers are also becoming more organised [...] as they engage with cyber criminals and the victimised organisations."
Story image
Mobile Device Management
Claroty's Team82 uncovers two vulnerabilities in FileWave’s MDM system
July 2022
Claroty’s research arm (Team82) has uncovered and disclosed two critical vulnerabilities in FileWave’s Mobile Device Management (MDM) system.
Story image
Cloud
Rapid7 unveils new capabilities for InsightCloudSec offering
July 2022
Rapid7 has added new layered context capabilities to its InsightCloudSec offering to give security teams a consolidated, unified, real-time view of risk signals.
Story image
Ransomware
Sophos reveals latest tactics of BlackCat ransomware group
July 2022
Sophos has revealed that the ransomware gang BlackCat has added Brute Ratel, a pentesting tool, to its arsenal of attack tools.
Story image
Ransomware
Zero-day attacks climb as hackers get more sophisticated
July 2022
Hackers are moving fast to exploit security vulnerabilities. There was a surge in widespread zero-day attacks last year, with the average time to exploitation down from 42 days in 2020 to just 12 days in 2021. 
Story image
Ransomware
Secureworks reveals new information on BRONZE STARLIGHT threat group
June 2022
New research from Secureworks has uncovered new information on the Chinese threat group BRONZE STARLIGHT and how they are using targeted ransomware to initiate complicated attacks.
Story image
Vendor
Forescout reveals top vulnerabilities impacting OT vendors
June 2022
Forescout’s Vedere Labs has disclosed OT: ICEFALL, naming 56 vulnerabilities affecting devices from 10 operational technology vendors.
Story image
Advent One
Advent One partners with US vulnerability management company
June 2022
Advent One has partnered with New York based vulnerability management company, Vicarius to accentuate cybersecurity detection and response capabilities
Story image
Cloud
Sophos uncovers latest cyber attack trends in Playbook report
June 2022
Research finds that there has been a 36% increase in cyber attack dwell time, with a median intruder dwell time of 15 days in 2021 versus 11 days in 2020.
Story image
Security vulnerabilities
New Qualys solution enables better vulnerability management
June 2022
The new cloud-based solution gives insights into an organisation's risk posture along with the ability to use drag and drop workflows to orchestrate responses.
Story image
Robotic Process Automation
Micro Focus unveils Data Center Automation for SaaS delivery
June 2022
MicroFocus has released Data Center Automation (DCA) for software-as-a-service (SaaS) delivery, offering more cost-effective vulnerability risk and IT compliance management.
Story image
Cloud
Armis risk management solution hones in on entire attack surface
June 2022
Armis' new solution for risk-based vulnerability management enables businesses to prioritise mitigation efforts across the entire asset attack surface.
Story image
Microsoft
Elevation of Privilege the top 2021 Microsoft vulnerability
May 2022
BeyondTrust has released its 2022 Microsoft Vulnerabilities Report, finding that Elevation of Privilege is the top vulnerability category for the second consecutive year.
Story image
New Relic
New Relic launches vulnerability management platform
May 2022
New Relic has introduced New Relic Vulnerability Management to help organisations find and address security risks faster and with greater precision.
Story image
Malware
New vulnerabilities found in Nuspire’s Q1 2022 Threat Report
May 2022
“Threat actors are quickly adjusting their tactics and these exploits tend to get industry attention, but the threat posed by older and attacks still persists."
Story image
Cloud
Qualys updates Cloud Platform solution with rapid remediation
May 2022
The new update is designed to enable organisations to fix asset misconfigurations, patch OS and third-party applications, and deploy custom software.