SolarWinds - Cloud Security Alliance News Clipping Site

Hacker News: The EU Throws a Hand Grenade on Software Liability

Oct 27, 2024

—

by

Source URL: https://www.lawfaremedia.org/article/the-eu-throws-a-hand-grenade-on-software-liability Source: Hacker News Title: The EU Throws a Hand Grenade on Software Liability Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses significant developments regarding software liability in the EU and the U.S., contrasting the proactive measures taken by the EU to hold software producers accountable with the U.S.’s…

The Register: Tech firms to pay millions in SEC penalties for misleading SolarWinds disclosures

Oct 22, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/22/sec_fines_four_tech_firms/ Source: The Register Title: Tech firms to pay millions in SEC penalties for misleading SolarWinds disclosures Feedly Summary: Unisys, Avaya, Check Point, and Mimecast settled with the agency without admitting or denying wrongdoing Four high-profile tech companies reached an agreement with the Securities and Exchange Commission to pay millions of dollars in…

The Register: SolarWinds critical hardcoded credential bug under active exploit

Oct 16, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/16/solarwinds_critical_hardcoded_credential_bug/ Source: The Register Title: SolarWinds critical hardcoded credential bug under active exploit Feedly Summary: No word yet on scope of attacks A critical, hardcoded credential bug in SolarWinds’ Web Help Desk products has been found and exploited by criminals, according to the US Cybersecurity and Infrastructure Security Agency, which has added the…

Alerts: CISA Adds Three Known Exploited Vulnerabilities to Catalog

Oct 15, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/10/15/cisa-adds-three-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Three Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-30088 Microsoft Windows Kernel TOCTOU Race Condition Vulnerability CVE-2024-9680 Mozilla Firefox Use-After-Free Vulnerability CVE-2024-28987 SolarWinds Web Help Desk Hardcoded Credential Vulnerability These…

The Register: US and UK govts warn: Russia scanning for your unpatched vulnerabilities

Oct 12, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/12/russia_is_targeting_you_for/ Source: The Register Title: US and UK govts warn: Russia scanning for your unpatched vulnerabilities Feedly Summary: Also, phishing’s easier over the phone, and your F5 cookies might be unencrypted, and more in brief If you need an excuse to improve your patching habits, a joint advisory from the US and UK…

The Register: SolarWinds left critical hardcoded credentials in its Web Help Desk product

Aug 22, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/08/22/hardcoded_credentials_bug_solarwinds_whd/ Source: The Register Title: SolarWinds left critical hardcoded credentials in its Web Help Desk product Feedly Summary: Why go to the effort of backdooring code when devs will basically do it for you accidentally anyway SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote, unauthenticated…

Tag: SolarWinds

Hacker News: The EU Throws a Hand Grenade on Software Liability

The Register: Tech firms to pay millions in SEC penalties for misleading SolarWinds disclosures

The Register: SolarWinds critical hardcoded credential bug under active exploit

Alerts: CISA Adds Three Known Exploited Vulnerabilities to Catalog

The Register: US and UK govts warn: Russia scanning for your unpatched vulnerabilities

The Register: SolarWinds left critical hardcoded credentials in its Web Help Desk product