Vulnerabilities – Threatpost
NSA Warns of Sandworm Backdoor Attacks on Mail Servers
The Russian spy group, a.k.a. BlackEnergy, is actively compromising Exim mail servers via a critica…
Read more >>
Vulnerabilities – Threatpost
Inside the Hoaxcalls Botnet: Both Success and Failure
The DDoS group sets itself apart by using exploits -- but it doesn't always pan out. Via Vulner…
Read more >>
Technology
Trump Signs Executive Order Targeting Protections for Social Media Companies Amid Escalating War With Twitter
(WASHINGTON) — President Donald Trump escalated his war on social media companies, signing…
Read more >>
Vulnerabilities – Threatpost
Hackers Compromise Cisco Servers Via SaltStack Flaws
Attackers compromised six Cisco VIRL-PE servers that are affected by critical SaltStack vulnerabili…
Read more >>
Vulnerabilities – Threatpost
PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time
Microsoft has warned on a new breed of patient ransomware attacks that lurk in networks for weeks b…
Read more >>
Vulnerabilities – Threatpost
StrandHogg 2.0 Critical Bug Allows Android App Hijacking
a malicious app installed on a device can hide behind legitimate apps. Via Vulnerabilities – Threat…
Read more >>
Vulnerabilities – Threatpost
70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs
A lack of awareness about where and how open-source libraries are being used is problematic, resear…
Read more >>
Vulnerabilities – Threatpost
NSO Group Impersonates Facebook Security Team to Spread Spyware — Report
An investigation traces an NSO Group-controlled IP address to a fake Facebook security portal. Via …
Read more >>
Vulnerabilities – Threatpost
Long Tail Analysis: A New Hope in the Cybercrime Battle
Looking for niche anomalies in an automated way with AI and machine learning is the future. Via Vul…
Read more >>
Vulnerabilities – Threatpost
Critical Cisco Bug in Unified CCX Allows Remote Code Execution
Cisco has fixed a critical remote code-execution flaw in its popular customer interaction managemen…
Read more >>
Vulnerabilities – Threatpost
The Windows 7 Postmortem: What’s at Stake
Nearly a quarter of endpoints still run Windows 7, even though support and security patches have en…
Read more >>
Vulnerabilities – Threatpost
Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices
A host of unpatched security bugs that allow BIAS attacks affects Bluetooth chips from Apple, Intel…
Read more >>
Vulnerabilities – Threatpost
Adobe Patches Critical RCE Flaw in Character Animator App
A critical remote code execution flaw in Adobe Character Animator was fixed in an out-of-band Tuesd…
Read more >>
Technology
3 Stress-Free Ways to Share Your TV or Computer With Your Quarantine Companions
Thanks to COVID-19 , many people are spending a lot more time inside with their fellow ho…
Read more >>
Vulnerabilities – Threatpost
Hoaxcalls Botnet Exploits Symantec Secure Web Gateways
The fast-moving botnet has added an exploit for an unpatched bug in an unsupported version of the s…
Read more >>
Vulnerabilities – Threatpost
Microsoft Addresses 111 Bugs for May Patch Tuesday
Important-rated EoP flaws made up the bulk of the CVEs; SharePoint continued its critical run with …
Read more >>
Vulnerabilities – Threatpost
WordPress Page Builder Plugin Bugs Threaten 1 Million Sites with Full Takeover
Severe CSRF to XSS bugs open the door to code execution and complete website compromise. Via Vulner…
Read more >>
Vulnerabilities – Threatpost
Adobe Kills 16 Critical Flaws in Acrobat and Reader, Digital Negative SDK
Adobe patched 36 flaws, including critical vulnerabilities in Acrobat and Reader and its DNG Softwa…
Read more >>
Vulnerabilities – Threatpost
Unpatched Bugs in Oracle iPlanet Opens Door to Info-Disclosure, Injection
CVE-2020-9315 and CVE-2020-9314 in iPlanet version 7 will not receive patches. Via Vulnerabilities …
Read more >>
Technology
Microsoft’s Pint-Sized Surface Go 2 Is a Deceptively Cheap Budget Laptop
Microsoft’s done a good job when it comes to reclaiming its position as a contender in per…
Read more >>
Vulnerabilities – Threatpost
Millions of Thunderbolt-Equipped Devices Open to ‘ThunderSpy’ Attack
If an attacker can get his hands on a Thunderbolt-equipped device for five minutes, he can launch a…
Read more >>
Vulnerabilities – Threatpost
Blue Mockingbird Monero-Mining Campaign Exploits Web Apps
The cybercriminals are using a deserialization vulnerability, CVE-2019-18935, to achieve remote cod…
Read more >>
Vulnerabilities – Threatpost
Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA
Cisco has fixed 12 high-severity flaws in its Adaptive Security Appliance software and Firepower Th…
Read more >>
Vulnerabilities – Threatpost
Naikon APT Hid Five-Year Espionage Attack Under Radar
The Chinese APT has been discovered behind a five-year espionage campaign that compromises governme…
Read more >>
Vulnerabilities – Threatpost
Microsoft Shells Out $100K for IoT Security
A three-month Azure Sphere bug-bounty challenge will offer top rewards for compromising Pluton or S…
Read more >>
Vulnerabilities – Threatpost
VPN Concerns with Unplanned Remote Employees
Maintaining visibility and availability when you suddenly have a large remote footprint takes plann…
Read more >>
Vulnerabilities – Threatpost
Google Android RCE Bug Allows Attacker Full Device Access
The vulnerability is one of 39 affecting various aspects of the mobile OS that the company fixed in…
Read more >>
Vulnerabilities – Threatpost
Hackers Exploit Critical Flaw in Ghost Platform with Cryptojacking Attack
Hackers targeted Ghost on Sunday, in a cryptocurrency mining attack that caused widespread outages.…
Read more >>
Vulnerabilities – Threatpost
Salt Bugs Allow Full RCE as Root on Cloud Servers
Researchers say the bugs are easy to exploit and will likely be weaponized within a day. Via Vulner…
Read more >>
