vulnerability
Intel releases new Spectre microcode updates for some affected processors
Intel has provided a new update on the Spectre patch situation. Skylake fix ready, others to follow “Earlier this week, we released production microcode updates for …
Hotspot Shield VPN flaw can betray users’ location
A flaw in the widely used Hotspot Shield VPN utility can be exploited by attackers to obtain sensitive information that could be used to discover users’ location and, …
Flaw in Grammarly’s extensions opened user accounts to compromise
A vulnerability in the Grammarly Chrome and Firefox extensions allowed websites to read users’ authentication tokes and use to them to log in to the users’ …
Cisco issues new, complete fixes for critical flaw in enterprise security appliances
Cisco researchers have identified additional attack vectors and features that are affected by the “perfect 10” remote code execution and denial of service …
Mozilla plugs critical and easily exploitable flaw in Firefox
Firefox users would do well to upgrade to the browser’s latest release if they want to keep their computers safe from compromise. Released on Monday, Firefox 58.0.1 …
Multiple zero-day vulnerabilities found in ManageEngine products
Digital Defense uncovered multiple, previously undisclosed vulnerabilities within several Zoho ManageEngine products. ManageEngine offers more than 90 tools to help manage IT …
Cisco plugs critical hole in many of its enterprise security appliances
There’s an eminently exploitable remote code execution flaw in the Adaptive Security Appliance (ASA) Software running on a number of Cisco enterprise appliances, and …
Lenovo Fingerprint Manager Pro is full of fail
Lenovo Fingerprint Manager Pro, a piece of software that allows users to log into their PCs or authenticate to configured websites using fingerprint recognition, has been …
Vulnerability in ISC BIND leads to DoS, patch today!
The Internet Systems Consortium has released security updates for BIND, the most widely used Domain Name System (DNS) software on the Internet, and a patch for ISC DHCP, its …
Meltdown and Spectre: To patch or to concentrate on attack detection?
Patching to protect machines against Meltdown and Spectre attacks is going slow, and the provided patches, in some instances, lead to more problems than just slowdowns. In …
Intel AMT security issue gives attackers complete control over a laptop
F-Secure reports a security issue affecting most corporate laptops that allows an attacker with physical access to backdoor a device in less than 30 seconds. The issue allows …
WhatsApp, Signal group chats not as secure as users might believe
Researchers have discovered flaws in the way WhatsApp, Signal, and Threema messaging apps handle secure (encrypted) group communication, which could result in unauthorized …