Ads

Showing posts from May, 2021Show all
HPE Fixes Critical Zero-Day in Server Management Software Vulnerabilities – Threatpost

HPE Fixes Critical Zero-Day in Server Management Software

May 29, 2021

The bug in HPE SIM makes it easy as pie for attackers to remotely trigger code, no user interaction…

Read more >>
Building Multilayered Security for Modern Threats Vulnerabilities – Threatpost

Building Multilayered Security for Modern Threats

May 28, 2021

Justin Jett, director of audit and compliance for Plixer, discusses the elements of a successful ad…

Read more >>
Targeted AnyDesk Ads on Google Served Up Weaponized App Vulnerabilities – Threatpost

Targeted AnyDesk Ads on Google Served Up Weaponized App

May 28, 2021

Malicious ad campaign was able to rank higher in searches than legitimate AnyDesk ads. Via Vulnerab…

Read more >>
Biden’s Cybersecurity Executive Order Puts Emphasis on the Wrong Issues Vulnerabilities – Threatpost

Biden’s Cybersecurity Executive Order Puts Emphasis on the Wrong Issues

May 27, 2021

David Wolpoff, CTO at Randori, argues that the call for rapid cloud transition Is a dangerous propo…

Read more >>
PDF Feature ‘Certified’ Widely Vulnerable to Attack Vulnerabilities – Threatpost

PDF Feature ‘Certified’ Widely Vulnerable to Attack

May 27, 2021

Researchers found flaws most of the ‘popular’ PDF applications tested. Via Vulnerabilities – Threat…

Read more >>
VMware Sounds Ransomware Alarm Over Critical Severity Bug Vulnerabilities – Threatpost

VMware Sounds Ransomware Alarm Over Critical Severity Bug

May 27, 2021

VMware’s virtualization management platform, vCenter Server, has a critical severity bug the compan…

Read more >>
A Peek Inside the Underground Ransomware Economy Vulnerabilities – Threatpost

A Peek Inside the Underground Ransomware Economy

May 27, 2021

Threat hunters weigh in on how the business of ransomware, the complex relationships between cyberc…

Read more >>
Trend Micro Bugs Threaten Home Network Security Vulnerabilities – Threatpost

Trend Micro Bugs Threaten Home Network Security

May 26, 2021

The security vendor's network management and threat protection station can open the door to cod…

Read more >>
Travel Is Coming Back, and Artificial Intelligence May Be Planning Your Next Flight Technology

Travel Is Coming Back, and Artificial Intelligence May Be Planning Your Next Flight

May 25, 2021

There are dozens of routes that Alaska Airways Flight 1405 can take from Oklahoma City to …

Read more >>
Combatting Insider Threats with Keyboard Security Vulnerabilities – Threatpost

Combatting Insider Threats with Keyboard Security

May 25, 2021

Dale Ludwig, business development manager at Cherry Americas, discusses advances in hardware-based …

Read more >>
Pulse Secure VPNs Get Quick Fix for Critical RCE Vulnerabilities – Threatpost

Pulse Secure VPNs Get Quick Fix for Critical RCE

May 25, 2021

One of the workaround XML files automatically deactivates protection from an earlier workaround: a …

Read more >>
Restaurant Reservation System Patches Easy-to-Exploit XSS Bug Vulnerabilities – Threatpost

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

May 25, 2021

A WordPress reservation plugin has a vulnerability that allows unauthenticated hackers to access re…

Read more >>
WP Statistics Bug Allows Attackers to Lift Data from WordPress Sites Vulnerabilities – Threatpost

WP Statistics Bug Allows Attackers to Lift Data from WordPress Sites

May 21, 2021

The plugin, installed on hundreds of thousands of sites, allows anyone to filch database info witho…

Read more >>
Four Android Bugs Being Exploited in the Wild Vulnerabilities – Threatpost

Four Android Bugs Being Exploited in the Wild

May 21, 2021

On Wednesday, Google quietly slipped updates into its May 3 Android security bulletin for bugs that…

Read more >>
Apple Exec Calls Level of Mac Malware ‘Unacceptable’ Vulnerabilities – Threatpost

Apple Exec Calls Level of Mac Malware ‘Unacceptable’

May 20, 2021

Company is using threat of attacks as defense in case brought against it by Epic Games after Fortni…

Read more >>
Can Nanotech Secure IoT Devices From the Inside-Out? Vulnerabilities – Threatpost

Can Nanotech Secure IoT Devices From the Inside-Out?

May 20, 2021

Work's being done with uber-lightweight nanoagents on every IoT device to stop malicious behavi…

Read more >>
Keksec Cybergang Debuts Simps Botnet for Gaming DDoS Vulnerabilities – Threatpost

Keksec Cybergang Debuts Simps Botnet for Gaming DDoS

May 19, 2021

The newly discovered malware infects IoT devices in tandem with the prolific Gafgyt botnet, using k…

Read more >>
Windows PoC Exploit Released for Wormable RCE Vulnerabilities – Threatpost

Windows PoC Exploit Released for Wormable RCE

May 19, 2021

The exploit pries open CVE-2021-31166, a bug with a CVSS score of 9.8 that was the baddest of the b…

Read more >>
Microsoft, Adobe Exploits Top List of Crooks’ Wish List Vulnerabilities – Threatpost

Microsoft, Adobe Exploits Top List of Crooks’ Wish List

May 18, 2021

You can’t possibly patch all CVEs, so focus on the exploits crooks are willing to pay for, as track…

Read more >>
Magecart Goes Server-Side in Latest Tactics Changeup Vulnerabilities – Threatpost

Magecart Goes Server-Side in Latest Tactics Changeup

May 18, 2021

The latest Magecart iteration is finding success with a new PHP web shell skimmer. Via Vulnerabilit…

Read more >>
CISOs Struggle to Cope with Mounting Job Stress Vulnerabilities – Threatpost

CISOs Struggle to Cope with Mounting Job Stress

May 17, 2021

Pandemic and evolving IT demands are having a major, negative impact on CISOs' mental health, a…

Read more >>
‘Scheme Flooding’ Allows Websites to Track Users Across Browsers Vulnerabilities – Threatpost

‘Scheme Flooding’ Allows Websites to Track Users Across Browsers

May 14, 2021

A flaw that allows browsers to enumerate applications on a machine threatens cross-browser anonymit…

Read more >>
Verizon: Pandemic Ushers in ⅓ More Cyber-Misery Vulnerabilities – Threatpost

Verizon: Pandemic Ushers in ⅓ More Cyber-Misery

May 14, 2021

The DBRI – Verizon’s 2021 data breach report – shows spikes in sophisticated phishing, financially …

Read more >>
How to Get into the Bug-Bounty Biz: The Good, Bad and Ugly Vulnerabilities – Threatpost

How to Get into the Bug-Bounty Biz: The Good, Bad and Ugly

May 14, 2021

Experts from Intel, GitHub and KnowBe4 weigh in on what you need to succeed at security bug-hunting…

Read more >>
Colonial Pipeline Shells Out $5M in Extortion Payout, Report Vulnerabilities – Threatpost

Colonial Pipeline Shells Out $5M in Extortion Payout, Report

May 14, 2021

According to news reports, Colonial Pipeline paid the cybergang known as DarkSide the ransom it dem…

Read more >>
Ransomware Going for $4K on the Cyber-Underground Vulnerabilities – Threatpost

Ransomware Going for $4K on the Cyber-Underground

May 14, 2021

An analysis of three popular forums used by ransomware operators reveals a complex ecosystem with m…

Read more >>
Apple’s ‘Find My’ Network Exploited via Bluetooth Vulnerabilities – Threatpost

Apple’s ‘Find My’ Network Exploited via Bluetooth

May 13, 2021

The ‘Send My’ exploit can use Apple's locator service to collect and send information from near…

Read more >>
Researchers Flag e-Voting Security Flaws Vulnerabilities – Threatpost

Researchers Flag e-Voting Security Flaws

May 13, 2021

Paper ballots and source-code transparency are recommended to improve election security. Via Vulner…

Read more >>
‘FragAttacks’: Wi-Fi Bugs Affect Millions of Devices Vulnerabilities – Threatpost

‘FragAttacks’: Wi-Fi Bugs Affect Millions of Devices

May 12, 2021

Wi-Fi devices going back to 1997 are vulnerable to attackers who can steal your data if they're…

Read more >>
Wormable Windows Bug Opens Door to DoS, RCE Vulnerabilities – Threatpost

Wormable Windows Bug Opens Door to DoS, RCE

May 12, 2021

Microsoft's May 2021 Patch Tuesday updates include fixes for four critical security vulnerabili…

Read more >>
Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader Vulnerabilities – Threatpost

Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader

May 12, 2021

A patch for Adobe Acrobat, the world’s leading PDF reader, fixes a vulnerability under active attac…

Read more >>
Lemon Duck Cryptojacking Botnet Changes Up Tactics Vulnerabilities – Threatpost

Lemon Duck Cryptojacking Botnet Changes Up Tactics

May 11, 2021

The sophisticated threat is targeting Microsoft Exchange servers via ProxyLogon in a wave of fresh …

Read more >>
Criminal Gang DarkSide Linked to Cyberattack That Forced U.S. Gas Pipeline Shutdown Technology

Criminal Gang DarkSide Linked to Cyberattack That Forced U.S. Gas Pipeline Shutdown

May 10, 2021

(NEW YORK) — The cyberextortion attempt that has forced the shutdown of a vital U.S. pipel…

Read more >>
iPhone Hack Allegedly Used to Spy on China’s Uyghurs Vulnerabilities – Threatpost

iPhone Hack Allegedly Used to Spy on China’s Uyghurs

May 08, 2021

U.S. intelligence said that the Chaos iPhone remote takeover exploit was used against the minority …

Read more >>
Qualcomm Chip Bug Opens Android Fans to Eavesdropping Vulnerabilities – Threatpost

Qualcomm Chip Bug Opens Android Fans to Eavesdropping

May 08, 2021

A malicious app can exploit the issue, which could affect up to 30 percent of Android phones. Via V…

Read more >>
Critical Cisco SD-WAN, HyperFlex Bugs Threaten Corporate Networks Vulnerabilities – Threatpost

Critical Cisco SD-WAN, HyperFlex Bugs Threaten Corporate Networks

May 07, 2021

The networking giant has rolled out patches for remote code-execution and command-injection securit…

Read more >>
Anti-Spam WordPress Plugin Could Expose Website User Data Vulnerabilities – Threatpost

Anti-Spam WordPress Plugin Could Expose Website User Data

May 06, 2021

'Spam protection, AntiSpam, FireWall by CleanTalk' is installed on more than 100,000 sites …

Read more >>
Raft of Exim Security Holes Allow Linux Mail Server Takeovers Vulnerabilities – Threatpost

Raft of Exim Security Holes Allow Linux Mail Server Takeovers

May 06, 2021

Remote code execution, privilege escalation to root and lateral movement through a victim's env…

Read more >>
Pulse Secure VPNs Get a Fix for Critical Zero-Day Bugs Vulnerabilities – Threatpost

Pulse Secure VPNs Get a Fix for Critical Zero-Day Bugs

May 05, 2021

The security flaw tracked as CVE-2021-22893 is being used by at least two APTs likely linked to Chi…

Read more >>
Apple Fixes Zero‑Day Security Bugs Under Active Attack Vulnerabilities – Threatpost

Apple Fixes Zero‑Day Security Bugs Under Active Attack

May 04, 2021

On Monday, Apple released a quartet of unscheduled updates for iOS, macOS, and watchOS, slapping se…

Read more >>
Hundreds of Millions of Dell Users at Risk from Kernel-Privilege Bugs Vulnerabilities – Threatpost

Hundreds of Millions of Dell Users at Risk from Kernel-Privilege Bugs

May 04, 2021

The privilege-escalation bug remained hidden for 12 years and has been present in all Dell PCs, tab…

Read more >>
New Attacks Slaughter All Spectre Defenses  Vulnerabilities – Threatpost

New Attacks Slaughter All Spectre Defenses 

May 04, 2021

The 3+ years computer scientists spent concocting ways to defend against these supply-chain attacks…

Read more >>
Hewlett Packard Enterprise Plugs Critical Bug in Edge Platform Tool Vulnerabilities – Threatpost

Hewlett Packard Enterprise Plugs Critical Bug in Edge Platform Tool

May 04, 2021

Researchers warned that unpatched versions of HPE’s Edgeline Infrastructure Manager are open to rem…

Read more >>