vulnerability
Exim vulnerability opens 400,000 servers to remote code execution
If you’re using the Exim mail transfer agent on your Internet-connected Unix-like systems and you haven’t yet upgraded to version 4.90.1, now is the time to do it …
New LTE attacks open users to eavesdropping, fake messages, location spoofing
A group of researchers has uncovered ten new attacks against the 4G LTE wireless data communications technology for mobile devices and data terminals. The attacks exploit …
Phillips clinical imaging solution plagued by vulnerabilities
Phillips is developing a software update to mitigate 35 CVE-numbered vulnerabilities in the Philips IntelliSpace Portal (ISP), a clinical imaging visualization and analysis …
Trend Micro fixes serious vulnerabilities in Email Encryption Gateway
Trend Micro has plugged a bucketload of vulnerabilities in its Email Encryption Gateway, some of which can be combined to execute root commands from the perspective of a …
Dell EMC plugs critical bugs in VMAX enterprise storage offerings
Dell EMC has patched two critical flaws in vApp Manager, the management interface for its VMAX enterprise storage systems, and is urging all customers to implement fixes as …
How cybercriminals exploited Telegram flaw to deliver malware
A “vulnerability” in Telegram’s desktop instant messaging client for Windows was exploited for months by Russian cybercriminals to deliver malware to users. …
Server-side exploits dominate the threat landscape
Skybox Security released its inaugural Vulnerability and Threat Trends Report, which analyzes vulnerabilities, exploits and threats in play in 2017. Cybercrime is a …
Intel releases new Spectre microcode updates for some affected processors
Intel has provided a new update on the Spectre patch situation. Skylake fix ready, others to follow “Earlier this week, we released production microcode updates for …
Hotspot Shield VPN flaw can betray users’ location
A flaw in the widely used Hotspot Shield VPN utility can be exploited by attackers to obtain sensitive information that could be used to discover users’ location and, …
Flaw in Grammarly’s extensions opened user accounts to compromise
A vulnerability in the Grammarly Chrome and Firefox extensions allowed websites to read users’ authentication tokes and use to them to log in to the users’ …
Cisco issues new, complete fixes for critical flaw in enterprise security appliances
Cisco researchers have identified additional attack vectors and features that are affected by the “perfect 10” remote code execution and denial of service …
Mozilla plugs critical and easily exploitable flaw in Firefox
Firefox users would do well to upgrade to the browser’s latest release if they want to keep their computers safe from compromise. Released on Monday, Firefox 58.0.1 …