Data Breaches Security Vulnerability

Almost half of websites vulnerable to cyber attack

Almost half of all Dutch company websites are vulnerable to attacks by cyber criminals due to vulnerabilities in software, configurations and web services. The result is often data theft or extortion through ransomware. “Entrepreneurs are insufficiently aware of the risks,” says cybersecurity specialist ID Control based on three studies of web shops, government websites and […]

vulnerability in FortiOS SSL VPN

Zero-day vulnerablity in FortiOS SSL VPN

A zero-day vulnerability in FortiOS SSL VPN that Fortinet addressed last month was exploited by unknown actors in attacks targeting the government and other large organizations.” “The attacks entailed the exploitation of CVE-2022-42475, a heap-based buffer overflow flaw that could enable an unauthenticated remote attacker to execute arbitrary code via specifically crafted requests.”


OpenSSL fixes two high severity vulnerabilities

The OpenSSL Project has patched two high-severity security flaws in its open-source cryptographic library used to encrypt communication channels and HTTPS connections.The vulnerabilities (CVE-2022-3602 and CVE-2022-3786) affect OpenSSL version 3.0.0 and later and have been addressed in OpenSSL 3.0.7. Only roughly 7,000 Internet-exposed systems running vulnerable OpenSSL versions out of a total of more than 1,793,000 unique hosts spotted by Censys online […]