vulnerability
MS Office zero-day exploited in attacks – no enabling of macros required!
A new zero-day flaw affecting all versions of Microsoft Office is being exploited in attacks in the wild, and no user is safe – not even those who use a fully patched …
Compared to last month’s Patch Tuesday, April will be a light drizzle
March saw a sizable release from Microsoft after a missed Patch Tuesday. Any way about it, April will be a lighter month than March. Windows 10 1703 has officially released to …
QNAP NAS devices open to remote command execution
If you’re using one of the many QNAP NAS devices and you haven’t yet upgraded the QTS firmware to version 4.2.4, you should do so immediately if you don’t …
Apple patches drive-by Wi-Fi flaw with emergency iOS patch
Less than a week after Apple pushed out iOS 10.3 comes an iOS emergency patch that all iDevice owners should implement as soon a possible. The security note accompanying iOS …
Actively exploited zero-day in IIS 6.0 affects 60,000+ servers
Microsoft Internet Information Services (IIS) 6.0 sports a zero-day vulnerability (CVE-2017-7269) that was exploited in the wild last summer and is likely also being exploited …
Number of compromised records up 566% in 2016
The number of records compromised grew a historic 566 percent in 2016 from 600 million to more than 4 billion. These leaked records include data cybercriminals have …
Siemens RUGGEDCOM industrial communication devices vulnerable to remote attacks
All version of Siemens RUGGEDCOM ROX I VPN endpoints and firewall devices sport five vulnerabilities that can be exploited by attackers to perform actions with administrative …
LastPass is working on fixing latest code execution bug
It’s been an eventful couple of weeks for LastPass developers, as they’ve scrambled to fix a couple of serious flaws in the popular password manager’s …
Scareware scammers target iOS users
A bug in the way that Mobile Safari handles pop-up dialogs has been abused to scare iOS users into paying a “fine” in the form of an iTunes pre-paid card. The iOS …
Medical washer-disinfector appliance’s web server open to attack
Here’s a string of words that you probably never thought you’ll hear: An Internet-connected washer-disinfector appliance by German manufacturer Miele sports a …
Lack of security patching leaves mobile users exposed
An analysis of the patch updates among the five leading wireless carriers in the United States found that 71 percent of mobile devices still run on security patches more than …
Java and Flash top list of most outdated programs on users’ PCs
52% of the most popular PC applications, including Flash and Java, are out-of-date. People are exposing their PC and their personal data to risks, as malware targets older …