Vulnerabilities – Threatpost
Zoom Flaw Could Have Allowed Hackers To Crack Meeting Passcodes
Zoom has fixed the issue, which stemmed from a lack of checks against incorrect passcode attempts. …
Read more >>
Vulnerabilities – Threatpost
Critical, High-Severity Cisco Flaws Fixed in Data Center Network Manager
The flaw could allow a remote, unauthenticated attacker to bypass authentication on vulnerable devi…
Read more >>
Vulnerabilities – Threatpost
Critical Magento Flaws Allow Code Execution
Adobe has released patches for critical and important-severity flaws in its popular Magento e-comme…
Read more >>
Vulnerabilities – Threatpost
Billions of Devices Impacted by Secure Boot Bypass
The "BootHole" bug could allow cyberattackers to load malware, steal information and move…
Read more >>
Vulnerabilities – Threatpost
Critical Bugs in Utilities VPNs Could Cause Physical Damage
Gear from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws, researchers w…
Read more >>
Technology
Everything I Learned In My Quest For a Better Work-From-Home Chair
It’s week who-knows-when of the COVID-19 outbreak here in the U.S., and one thing has bec…
Read more >>
Vulnerabilities – Threatpost
Critical Security Flaw in WordPress Plugin Allows RCE
WordPress plugin Comments – wpDiscuz, which is installed on over 70,000 sites, has issued a patch. …
Read more >>
Technology
Big Tech Needs To Be Regulated. Here Are 4 Ways to Curb Disinformation and Protect Our Privacy
Recent months have seen mounting evidence that the algorithmic spread of hate speech, disi…
Read more >>
Vulnerabilities – Threatpost
OkCupid Security Flaw Threatens Intimate Dater Details
Attackers could exploit various flaws in OkCupid's mobile app and webpage to steal victims'…
Read more >>
Vulnerabilities – Threatpost
Researchers Warn of High-Severity Dell PowerEdge Server Flaw
A path traversal vulnerability in the iDRAC technology can allow remote attackers to take over cont…
Read more >>
Vulnerabilities – Threatpost
Microsoft Revamps Windows Insider Preview Bug Bounty Program
Researchers can earn up to $100,000 for finding vulnerabilities in Microsoft's revamped Windows…
Read more >>
Vulnerabilities – Threatpost
Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns
Attackers are exploiting a high-severity vulnerability in Cisco's network security software pro…
Read more >>
Vulnerabilities – Threatpost
DJI Drone App Riddled With Privacy Issues, Researchers Allege
The DJI GO 4 application open users’ sensitive data up for the taking, researchers allege. Via Vuln…
Read more >>
Vulnerabilities – Threatpost
NSA Urgently Warns on Industrial Cyberattacks, Triconex Critical Bug
Power plants, factories, oil and gas refineries and more are all in the sights of foreign adversari…
Read more >>
Vulnerabilities – Threatpost
Cisco Network Security Flaw Leaks Sensitive Data
The flaw exists in Cisco's network security Firepower Threat Defense (FTD) software and its Ada…
Read more >>
Vulnerabilities – Threatpost
ASUS Home Router Bugs Open Consumers to Snooping Attacks
The two flaws allow man-in-the-middle attacks that would give an attacker access to all data flowin…
Read more >>
Vulnerabilities – Threatpost
Critical Adobe Photoshop Flaws Patched in Emergency Update
Adobe issued out-of-band patches for critical flaws tied to 12 CVEs in Photoshop and other applicat…
Read more >>
Vulnerabilities – Threatpost
Diebold ATM Terminals Jackpotted Using Machine’s Own Software
The company warned that cybercriminals are using a black box with proprietary code in attacks to il…
Read more >>
Vulnerabilities – Threatpost
Thousands of Vulnerable F5 BIG-IP Users Still Open to Takeover
Less than 500 machines have been patched since U.S. Cyber Command issued an alert to patch a critic…
Read more >>
Vulnerabilities – Threatpost
CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug
An emergency directive orders some federal agencies to apply Microsoft’s patch for a critical DNS v…
Read more >>
Vulnerabilities – Threatpost
Hackers Look to Steal COVID-19 Vaccine Research
The Russia-linked APT29 has set its sights on pharma research in Western nations in a likely attemp…
Read more >>
Vulnerabilities – Threatpost
Zoom Addresses Vanity URL Zero-Day
An attacker could pose as a company employee, invite customers or partners to meetings, then use so…
Read more >>
Vulnerabilities – Threatpost
Microsoft Tackles 123 Fixes for July Patch Tuesday
Eighteen critical bugs, impacting Windows Server, Office and Outlook, were fixed as part of the pat…
Read more >>
Vulnerabilities – Threatpost
Critical DNS Bug Opens Windows Servers to Infrastructure Takeover
Microsoft gives the ‘wormable’ flaw a security rating of 10 – the most severe warning possible. Via…
Read more >>
Vulnerabilities – Threatpost
Adobe Discloses Critical Code-Execution Bugs in July Update
The software giant released patches for four critical vulnerabilities and five different platforms.…
Read more >>
Vulnerabilities – Threatpost
Adobe Discloses Critical Code-Execution Bugs in July Update
The software giant released patches for four critical vulnerabilities and five different platforms.…
Read more >>
Vulnerabilities – Threatpost
Critical SAP Bug Allows Full Enterprise System Takeover
Exploitation of the bug can allow an attacker to lift sensitive information, delete files, execute …
Read more >>
Vulnerabilities – Threatpost
The Enemy Within: How Insider Threats Are Changing
Insider-threat security experts unravel the new normal during this time of remote working, and expl…
Read more >>
Vulnerabilities – Threatpost
Popular TP-Link Family of Kasa Security Cams Vulnerable to Attack
Researcher warns the highly-rated Kasa family of security cameras have bugs that gives hackers acce…
Read more >>
Vulnerabilities – Threatpost
Report: Most Popular Home Routers Have ‘Critical’ Flaws
Common devices from Netgear, Linksys, D-Link and others contain serious security vulnerabilities th…
Read more >>
Vulnerabilities – Threatpost
Zoom Zero-Day Allows RCE, Patch on the Way
Researchers said that the issue is only exploitable on Windows 7 and earlier. Via Vulnerabilities –…
Read more >>
Vulnerabilities – Threatpost
Advertising Plugin for WordPress Threatens Full Site Takeovers
Thousands of vulnerable websites need to apply the patch to avoid RCE. Via Vulnerabilities – Threat…
Read more >>
Vulnerabilities – Threatpost
Notorious Hacker ‘Fxmsp’ Outed After Widespread Access-Dealing
The Kazakh native made headlines last year for hacking McAfee, Symantec and Trend Micro; but the Fe…
Read more >>
Vulnerabilities – Threatpost
Keeper Threat Group Rakes in $7M from 100s of Compromised E-Commerce Sites
Researchers warn that Keeper, using Magecart code, will launch increasingly sophisticated attacks a…
Read more >>
Vulnerabilities – Threatpost
Citrix Bugs Allow Unauthenticated Code Injection, Data Theft
Admins should patch their Citrix ADC and Gateway installs immediately. Via Vulnerabilities – Threat…
Read more >>
Vulnerabilities – Threatpost
Admins Urged to Patch Critical F5 Flaw Under Active Attack
Security experts and the U.S. Cyber Command are urging admins to update a critical flaw in F5 Netwo…
Read more >>
Technology
Want to Stop Looking Terrible on Zoom? 7 Quick Tips to Up Your Video Calling Game
Let’s face it: Many of us are going to be working from home for a long time, especially as…
Read more >>
Vulnerabilities – Threatpost
Purple Fox EK Adds Microsoft Exploits to Arsenal
Two exploits for Microsoft vulnerabilities have been added to the Purple Fox EK, showing ongoing de…
Read more >>
Vulnerabilities – Threatpost
Apache Guacamole Opens Door for Total Control of Remote Footprint
Several vulnerabilities can be chained together for a full exploit. Via Vulnerabilities – Threatpos…
Read more >>
Vulnerabilities – Threatpost
Cisco Warns of High-Severity Bug in Small Business Switch Lineup
A high-severity flaw allows remote, unauthenticated attackers to potentially gain administrative pr…
Read more >>
Vulnerabilities – Threatpost
Microsoft Releases Emergency Security Updates for Windows 10, Server
The patches fix two separate RCE bugs in Windows Codecs that allow hackers to exploit playback of m…
Read more >>
Vulnerabilities – Threatpost
Verizon Media, PayPal, Twitter Top Bug-Bounty Rankings
Verizon Media has paid nearly $10 million to ethical hackers via HackerOne's platform. Via Vuln…
Read more >>
