Vulnerabilities – Threatpost
Reboot of PunkSpider Tool at DEF CON Stirs Debate
Researchers plan to introduce a revamp of PunkSpider, which helps identify flaws in websites so com…
Read more >>
Vulnerabilities – Threatpost
Podcast: Why Securing Active Directory Is a Nightmare
Researchers preview work to be presented at Black Hat on how AD “misconfiguration debt” lays out a …
Read more >>
Vulnerabilities – Threatpost
Zimbra Server Bugs Could Lead to Email Plundering
Two bugs, now patched except in older versions, could be chained to allow attackers to hijack Zimbr…
Read more >>
Vulnerabilities – Threatpost
Three Zero-Day Bugs Plague Kaseya Unitrends Backup Servers
The unpatched flaws include RCE and authenticated privilege escalation on the client-side: Just the…
Read more >>
Vulnerabilities – Threatpost
Apple Patches Actively Exploited Zero-Day in iOS, MacOS
Company urges iPhone, iPad and Mac users to install updates to fix a critical memory corruption fla…
Read more >>
Vulnerabilities – Threatpost
Podcast: IoT Piranhas Are Swarming Industrial Controls
Enormous botnets of IoT devices are going after decades-old legacy systems that are rife in systems…
Read more >>
Vulnerabilities – Threatpost
Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC
Microsoft releases mitigations for a Windows NT LAN Manager exploit that forces remote Windows syst…
Read more >>
Vulnerabilities – Threatpost
Malware Makers Using ‘Exotic’ Programming Languages
Sprechen Sie Rust? Polyglot malware authors are increasingly using obscure programming languages to…
Read more >>
Vulnerabilities – Threatpost
Critical Jira Flaw in Atlassian Could Lead to RCE
The software-engineering platform is urging users to patch the critical flaw ASAP. Via Vulnerabilit…
Read more >>
Vulnerabilities – Threatpost
Industrial Networks Exposed Through Cloud-Based Operational Tech
Critical ICS vulnerabilities can be exploited through leading cloud-management platforms. Via Vulne…
Read more >>
Vulnerabilities – Threatpost
Apple Issues Urgent iPhone Updates; None for Pegasus Zero-Day
Update now: The ream of bugs includes some remotely exploitable code execution flaws. Still to come…
Read more >>
Vulnerabilities – Threatpost
Microsoft Issues Windows 10 Workaround Fix for ‘SeriousSAM’ Bug
A privilege elevation bug in Windows 10 opens all systems to attackers to access data and create ne…
Read more >>
Vulnerabilities – Threatpost
Indictments, Attribution Unlikely to Deter Chinese Hacking, Researchers Say
Researchers are skeptical that much will come from calling out China for the Microsoft Exchange att…
Read more >>
Vulnerabilities – Threatpost
Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows
Misconfigured permissions for Argo's web-facing dashboard allow unauthenticated attackers to ru…
Read more >>
Vulnerabilities – Threatpost
Researchers: NSO Group’s Pegasus Spyware Should Spark Bans, Apple Accountability
Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bomb…
Read more >>
Vulnerabilities – Threatpost
16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines
The bug could allow cyberattackers to bypass security products, tamper with data and run code in ke…
Read more >>
Vulnerabilities – Threatpost
Unpatched iPhone Bug Allows Remote Device Takeover
A format-string bug believed to be a low-risk denial-of-service issue turns out to be much nastier …
Read more >>
Vulnerabilities – Threatpost
Top CVEs Trending with Cybercriminals
An analysis of criminal forums reveal what publicly known vulnerabilities attackers are most intere…
Read more >>
Vulnerabilities – Threatpost
The Evolving Role of the CISO
Curtis Simpson, CISO at Armis, discusses the stop qualities that all CISOs need to possess to excel…
Read more >>
Vulnerabilities – Threatpost
Critical Juniper Bug Allows DoS, RCE Against Carrier Networks
Telecom providers, including wireless carriers, are at risk of disruption of network service if the…
Read more >>
