Vulnerabilities – Threatpost
CISA: Nation-State Attackers Likely to Exploit Palo Alto Networks Bug
An authentication-bypass vulnerability allows attackers to access network assets without credential…
Read more >>
Vulnerabilities – Threatpost
Tuesday’s Magento 1 EOL Leaves Clock Ticking on 100K Online Stores
Adobe and payment-card companies are making last-minute pleas for e-commerce sites to update to Mag…
Read more >>
Vulnerabilities – Threatpost
Unpatched Wi-Fi Extender Opens Home Networks to Remote Control
The Homeplug device, from Tenda, suffers from web server bugs as well as a DoS flaw. Via Vulnerabil…
Read more >>
Vulnerabilities – Threatpost
DarkCrewFriends Returns with Botnet Strategy
The botnet can be used to mount different kinds of attacks, including code-execution and DDoS. Via …
Read more >>
Vulnerabilities – Threatpost
Golang Worm Widens Scope to Windows, Adds Payload Capacity
A first-stage malware loader spotted in active campaigns has added additional exploits and a new ba…
Read more >>
Technology
Apple Ditching Intel Could Mean Big Changes Ahead for Mac Desktops and Laptops
Apple’s first-ever virtual Worldwide Developer Conference (WWDC) came with the usual slew …
Read more >>
Vulnerabilities – Threatpost
Nvidia Warns Windows Gamers of Serious Graphics Driver Bugs
Several high-severity flaws in Nvidia's GPU display drivers for Windows users could lead to cod…
Read more >>
Vulnerabilities – Threatpost
Emerging Ransomware Targets Photos, Videos on Android Devices
The CryCryptor malware strain is a brand-new family of threats, leveraging COVID-19 to spread. Via …
Read more >>
Vulnerabilities – Threatpost
Self-Propagating Lucifer Malware Targets Windows Systems
A new devilish malware is targeting Windows systems with cryptojacking and DDoS capabilities. Via V…
Read more >>
Technology
The 5 Most Exciting Things Apple Announced at its Virtual WWDC 2020
The effects of COVID-19, which necessitate social distancing and nationwide stay-at-home o…
Read more >>
Vulnerabilities – Threatpost
AMD: Fixes For High-Severity SMM Callout Flaws Upcoming
AMD has fixed one high-severity vulnerability affecting its client and embedded processors; fixes f…
Read more >>
Vulnerabilities – Threatpost
Netgear Zero-Day Allows Full Takeover of Dozens of Router Models
An unpatched vulnerability in the web server of device firmware gives attackers root privileges, re…
Read more >>
Vulnerabilities – Threatpost
Google Yanks 106 ‘Malicious’ Chrome Extensions
Trojan Chrome browser extensions spied on users and maintained a foothold on the networks of financ…
Read more >>
Vulnerabilities – Threatpost
Cisco Webex, Router Bugs Allow Code Execution
High-severity flaws plague Cisco's Webex collaboration platform, as well as its RV routers for …
Read more >>
Vulnerabilities – Threatpost
AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit
A “very rare” malware has been used by an unknown threat actor in cyberattacks against two differen…
Read more >>
Vulnerabilities – Threatpost
Premier League’s Return: A Hat Trick of Cyberthreats?
The beautiful game is back on the pitch in the U.K. -- and cyberattackers will be looking to take a…
Read more >>
Vulnerabilities – Threatpost
Coronavirus-Themed Cyberattacks Drop, Microsoft
Microsoft report offers insight on how threat actors exploited COVID-19 across the globe. Via Vulne…
Read more >>
Vulnerabilities – Threatpost
Adobe Patches 18 Critical Flaws in Out-Of-Band Update
Critical vulnerabilities were patched in Adobe After Effects, Illustrator, Premiere Pro, Premiere R…
Read more >>
Vulnerabilities – Threatpost
Theft of CIA’s ‘Vault 7’ Secrets Tied to ‘Woefully Lax” Security
An internal investigation into the 2016 CIA breach condemned the agency's security measures, sa…
Read more >>
Vulnerabilities – Threatpost
‘Ripple20’ Bugs Impact Hundreds of Millions of Connected Devices
The vulnerabilities affect everything from printers to insulin pumps to ICS gear. Via Vulnerabiliti…
Read more >>
Vulnerabilities – Threatpost
WFH Alert: Critical Bug Found in Old D-Link Router Models
Researchers find six bugs in consumer D-Link DIR-865L Wireless AC 1750 Dual Band Cloud Router. Via …
Read more >>
Vulnerabilities – Threatpost
Android ‘ActionSpy’ Malware Targets Turkic Minority Group
Researchers warn that the Earth Empusa threat group is distributing the spyware by injecting code i…
Read more >>
Vulnerabilities – Threatpost
Helping Remote Workers Overcome Remote Attacks
Because remote workers' devices are all connected to a home network, they don’t even need to be…
Read more >>
Vulnerabilities – Threatpost
Critical Intel Flaws Fixed in Active Management Technology
Two critical flaws in Intel AMT, which could enable privilege escalation, were patched along with 2…
Read more >>
Vulnerabilities – Threatpost
Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update
The June Patch Tuesday update included CVEs for 11 critical remote code-execution vulnerabilities a…
Read more >>
Vulnerabilities – Threatpost
Adobe Warns of Critical Flaws in Flash Player, Framemaker
Critical Adobe Flash Player and Framemaker flaws could enable arbitrary code execution. Via Vulnera…
Read more >>
Vulnerabilities – Threatpost
SMBGhost RCE Exploit Threatens Corporate Networks
The release of a PoC for the Windows flaw known as "SMBGhost" could set off cyberattack w…
Read more >>
Technology
Microsoft CEO Satya Nadella Talks COVID-19 Response And Change After George Floyd
(Miss this week’s The Leadership Brief ? This interview below was delivered to the inbox o…
Read more >>
Vulnerabilities – Threatpost
WhatsApp Phone Numbers Pop Up in Google Search Results — But is it a Bug?
A researcher found that phone numbers tied to WhatsApp accounts are indexed publicly on Google Sear…
Read more >>
Vulnerabilities – Threatpost
Attackers Target 1M+ WordPress Sites To Harvest Database Credentials
An attack over the weekend unsuccessfully targeted 1.3 million WordPress websites, in attempts to d…
Read more >>
Vulnerabilities – Threatpost
Critical SAP ASE Flaws Allow Complete Control of Databases
Researchers warn of critical flaws in SAP's Sybase Adaptive Server Enterprise software. Via Vul…
Read more >>
Vulnerabilities – Threatpost
Two Critical Android Bugs Open Door to RCE
Google and Qualcomm both addressed significant vulnerabilities in their June updates. Via Vulnerabi…
Read more >>
Vulnerabilities – Threatpost
Severe Cisco DoS Flaw Can Cripple Nexus Switches
Cisco has patched a high-severity flaw that could lead to denial-of-service attacks on its Nexus sw…
Read more >>
Vulnerabilities – Threatpost
Apple Jailbreak Zero-Day Gets a Patch
The zero-day vulnerability tracked as CVE-2020-9859 is exploited by the "Uncover" jailbre…
Read more >>
Vulnerabilities – Threatpost
Apple Pays $100K Bounty for Critical ‘Sign in With Apple’ Flaw
Apple has fixed a critical flaw in its Sign in with Apple feature, which could have been abused by …
Read more >>
