SimpleTire snafu has now been remediated
Related Posts
TeamViewer Hacked: Attackers Accessed Internal Corporate IT Environment
TeamViewer Hacked: Attackers Accessed Internal Corporate IT Environment
On Wednesday, June 26, 2024, TeamViewer, a leading provider of remote access software, announced that attackers had compromised its internal corporate IT environment.
The company’s security team detected an “irregularity” in their internal systems, prompting an immediate response. TeamViewer activated its incident response procedures and brought in external cybersecurity experts to investigate and implement remediation measures.
In a statement, TeamViewer emphasized that its corporate IT environment is “completely independent” from its product environment. The company stated there is no evidence that the breach affected customer data or the TeamViewer product itself. However, investigations are still ongoing.
Scan Your Business Email Inbox to Find Advanced Email Threats – Try AI-Powered Free Threat Scan
“Security is of utmost importance to us; it is deeply rooted in our DNA,” TeamViewer said. Therefore, we value transparent communication and will continuously update the status of our investigations as new information becomes available.”
While TeamViewer has not provided details on the nature of the attack, according to a security researcher, NCC Group, a cybersecurity firm, issued an alert to its customers about a “significant compromise of the TeamViewer remote access and support platform by an APT group.”
APT stands for Advanced Persistent Threat, typically referring to sophisticated, state-sponsored hacking groups.
NCC Group circulated the alert citing the “widespread usage” of TeamViewer, though the firm did not disclose its sources and said it is still investigating the incident.
Millions of users worldwide use TeamViewer for remote access and support. The company says its primary focus remains ensuring the integrity of its systems as it continues to investigate the full scope of the breach.
This incident highlights the ongoing cybersecurity challenges faced by major technology providers. Users of TeamViewer are advised to monitor for any updates from the company regarding potential impacts or required actions.
The post TeamViewer Hacked: Attackers Accessed Internal Corporate IT Environment appeared first on Cyber Security News.
SAP Security Update: Patch For High Severity Vulnerabilities
SAP Security Update: Patch For High Severity Vulnerabilities
SAP has released its July 2024 security patch update, addressing 18 product vulnerabilities. The update includes fixes for two high-severity flaws that could potentially allow attackers to gain unauthorized access to sensitive data and systems.
The most critical vulnerability, CVE-2024-39592, affects SAP’s Product Design Cost Estimating (PDCE) tool. With a CVSS score of 7.7, this missing authorization check could enable attackers to read generic table data, potentially exposing sensitive information.
Another high-priority fix addresses CVE-2024-39597 in SAP Commerce, which has a CVSS score of 7.2.
This improper authorization check could allow attackers to exploit the forgotten password functionality and gain access to improperly configured sites without merchant approval.
Attend a Free Webinar on How to Maximize Cybersecurity Program ROI
The patch update also includes fixes for 15 medium-severity vulnerabilities affecting various SAP products such as Landscape Management, Document Builder, NetWeaver, CRM, Business Warehouse, S/4HANA, Business Workflow, GUI for Windows, Transportation Management, and Enable Now.
These vulnerabilities encompass a range of issues, including information disclosure, unrestricted file uploads, missing authorization checks, cross-site scripting (XSS), and server-side request forgery (SSRF).
While SAP has not reported any active exploitation of these vulnerabilities, the company strongly recommends that users apply the patches as soon as possible.
Past incidents have shown that attackers often target known SAP vulnerabilities, even after the release of patches. The July 2024 patch update underscores the importance of timely security updates for enterprise software.
Organizations using SAP products should prioritize applying these patches to mitigate potential risks to their systems and data.
Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!
The post SAP Security Update: Patch For High Severity Vulnerabilities appeared first on Cyber Security News.
Business services giant CBIZ discloses customer data breach
Business services giant CBIZ discloses customer data breach
CBIZ Benefits & Insurance Services (CBIZ) has disclosed a data breach that involves unauthorized access of client information stored in specific databases. […] Read More