A critical vulnerability impacting multiple IDEMIA biometric identification devices can be exploited to unlock doors and turnstiles.
Because of this security defect, if the TLS protocol is not activated, an attacker in the network can send specific commands without authentication to open doors or turnstiles directly operated by a vulnerable device.
Read more: Vulnerability in IDEMIA Biometric Readers Allows Hackers to Unlock Doors
Oracle is preparing the release of nearly 500 new security patches with its Critical Patch Update (CPU) for January 2022.
Read more: Oracle to Release Nearly 500 New Security Patches
A critical vulnerability addressed recently in SAP NetWeaver AS ABAP and ABAP Platform could be abused to set up supply chain attacks, SAP security solutions provider SecurityBridge warns.
Read more: Critical SAP Vulnerability Allows Supply Chain Attacks
Nonprofit organization Goodwill has started notifying users of its ShopGoodwill.com e-commerce platform that their personal information was compromised as a result of a cybersecurity breach.
Read more: Personal Information Compromised in Goodwill Website Hack
A vulnerability in Apple’s implementation of the IndexedDB API in Safari 15 allows websites to track users’ activity on other sites and even to reveal their identity, browser fingerprinting and fraud detection firm FingerprintJS explains.
Read more: Safari 15 Vulnerability Allows Cross-Site Tracking of Users
Fifteen acquisitions were announced in the first half of January 2022.
Newly detected WhisperGate malware being used by previously unknown threat group in cyberattacks against Ukraine
Read more: Microsoft Uncovers Destructive Malware Used in Ukraine Cyberattacks
