Aggregator

A vulnerability classified as critical was found in Oracle MySQL Server up to 5.7.37/8.0.28. Affected by this vulnerability is an unknown functionality of the component Packaging. The manipulation leads to denial of service. This vulnerability is known as CVE-2022-0778. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Oracle MySQL Workbench up to 8.0.28. Affected by this issue is some unknown functionality of the component libssh. The manipulation leads to denial of service. This vulnerability is handled as CVE-2022-0778. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in OpenSSL up to 1.0.2zc/1.1.1m/3.0.1. This affects the function BN_mod_sqrt of the component Non-prime Moduli Handler. The manipulation leads to infinite loop. This vulnerability is uniquely identified as CVE-2022-0778. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle GraalVM Enterprise Edition 20.3.5/21.3.1/22.0.0.2. It has been classified as critical. This affects an unknown part of the component Node. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2022-0778. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Strategies for Safeguarding Data and Reputation at Financial Institutions
In today's increasingly digital world, trust isn't always easy to come by. Businesses no longer have complete control over their technology stack. Instead, they rely heavily on third-party solutions, applications and products to keep operations running smoothly. But those third parties pose risks.

When a large hospital in an urban area is shut down by ransomware, the disruption can be significant, but when a rural hospital faces a similar cyber outage, the impact on patient safety and the community can be extreme, said Nitin Natarajan of the Cybersecurity and Infrastructure Security Agency.

Academics Build AI Agent With OpenAI to Execute Phone Scams at Scale
Hackers can use OpenAI's real-time voice API to carry out for less than a dollar deepfake scams involving voice impersonations of government officials or bank employees to swindle victims, said researchers at the University of Illinois Urbana-Champaign.

Forrester's Cody Scott on Why 2025 Will Be Pivotal for Security Leaders
Forrester's 2025 Predictions for Cybersecurity, Risk and Privacy report forecasts that security leaders will scale back generative AI investments by 10%. AI productivity gains have fallen short of expectations, forcing CISOs to reprioritize budgets and reassess gen AI’s role in security operations.

Series D Funding on $4.2B Valuation to Support OT, Medical Device Security Growth
Armis has closed a $200 million Series D funding round on a $4.2 billion valuation to drive growth in cyber exposure management with a focus on acquisitions and federal expansion. CEO Yevgeny Dibrov says the funds will accelerate Armis' work in operational technology and medical device security.

US Treasury Issues Regulations Restricting Investments in Foreign Semiconductors, AI
The U.S. Department of Treasury published final regulations Monday for investors planting dollars abroad that aims to restrict investments from the United States into sensitive technologies developed by foreign adversaries while continuing to ensure open investments practices remain intact.

Strategies for Safeguarding Data and Reputation at Financial Institutions
In today's increasingly digital world, trust isn't always easy to come by. Businesses no longer have complete control over their technology stack. Instead, they rely heavily on third-party solutions, applications and products to keep operations running smoothly. But those third parties pose risks.

When a large hospital in an urban area is shut down by ransomware, the disruption can be significant, but when a rural hospital faces a similar cyber outage, the impact on patient safety and the community can be extreme, said Nitin Natarajan of the Cybersecurity and Infrastructure Security Agency.

Academics Build AI Agent With OpenAI to Execute Phone Scams at Scale
Hackers can use OpenAI's real-time voice API to carry out for less than a dollar deepfake scams involving voice impersonations of government officials or bank employees to swindle victims, said researchers at the University of Illinois Urbana-Champaign.

Forrester's Cody Scott on Why 2025 Will Be Pivotal for Security Leaders
Forrester's 2025 Predictions for Cybersecurity, Risk and Privacy report forecasts that security leaders will scale back generative AI investments by 10%. AI productivity gains have fallen short of expectations, forcing CISOs to reprioritize budgets and reassess gen AI’s role in security operations.

Series D Funding on $4.2B Valuation to Support OT, Medical Device Security Growth
Armis has closed a $200 million Series D funding round on a $4.2 billion valuation to drive growth in cyber exposure management with a focus on acquisitions and federal expansion. CEO Yevgeny Dibrov says the funds will accelerate Armis' work in operational technology and medical device security.

US Treasury Issues Regulations Restricting Investments in Foreign Semiconductors, AI
The U.S. Department of Treasury published final regulations Monday for investors planting dollars abroad that aims to restrict investments from the United States into sensitive technologies developed by foreign adversaries while continuing to ensure open investments practices remain intact.

A vulnerability classified as critical has been found in Kerio Personal Firewall 2.1/2.1.1/2.1.2/2.1.3/2.1.4. Affected is an unknown function. The manipulation leads to an unknown weakness. This vulnerability is traded as CVE-2003-0219. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.