The week in security: Fraud losses going up, password security still down

Credit: ID 35698053 © Ratch0013 |

Losses to email-based fraudsters are continuing to soar as business email compromise (BEC) exploits human weaknesses to deliver big gains for cybercriminals, new figures have confirmed.

Staff aren’t very good at maintaining good passwords either, with World Password Day turning up the usual reminders that everyone needs to take this stuff seriously – but still isn’t doing so.

New ransomware is leveraging a flaw in Oracle WebLogic to install itself on vulnerable business systems.

Also needing patching was the Cisco Nexus 9000, whose fabric switch software has flaws that the vendor was calling to be patched.

As if the week’s vulnerabilities file wasn’t big enough already, Windows 10 PCs from Dell were being endangered by a flaw in the company’s SupportAssist app.

And, to top it off, enterprises were being hit by a newly released exploit that leverages a known configuration vulnerability in both on-premise and cloud-based SAP instances.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags password securityciscoemail securityWorld Password Day

More about CiscoDellOracleSAP

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by David Braue

Latest Videos

More videos

Blog Posts