vulnerability
Millions of WordPress websites in danger due to easily exploitable bug
A new WordPress version has been released, and you better update to it, as it patches a critical cross-site scripting flaw that can be exploited by attackers to compromise …
Hikvision DVRs sporting bugs that allow device hijacking
A while back, SANS ISC CTO Johannes Ullrich discovered that cybercrooks were targeting Hikvision Digital Video Recorders (DVRs) in order to infect them with bitcoin-mining …
Default ATM passcodes still exploited by crooks
Once again, ATMs have been “hacked” by individuals taking advantage of default, factory-set passcodes. This time the passcode hasn’t been guessed, or ended …
Latest Microsoft patches crucial for all Windows users
Microsoft has closed a great many flaws, including a 0-day abused by the Sandworm team, in November’s Patch Tuesday. But there is another vulnerability that you should …
SAP finally patches critical, remotely exploitable bugs in GRC solution
More than a year and a half after they have been reported to SAP AG, the company has issued a patch for a number of critical exploitable security vulnerabilities in its …
Website fined for leaking encrypted card details and decryption key
The UK Information Commissioner’s Office (ICO) is warning organizations that they must make sure their websites are protected against one of the most common forms of …
Linksys SOHO router owners urged to patch multiple vulnerabilities
Owners of a number of Linksys small office/home office routers have been urged last week to update their device’s firmware in order patch two vulnerabilities, one of …
OS X Yosemite sports serious privilege escalation bug
A Swedish researcher has unearthed a serious bug that affects the newest version of OS X – version 10.10, or Yosemite – and which could allow attackers to gain …
Flaw in Visa’s contactless payment system could lead to fraud
Researchers from Newcastle University have discovered a serious flaw in Visa’s contactless credit cards which could allow attackers to siphon large amounts of money off …
What’s jeopardizing the safety of your datacenter?
Datacenters are fraught with hidden operational hazards, and because virtual infrastructure is extremely complex and dynamic, many vulnerabilities go undetected and can be …
Assume your Drupal 7 site has been compromised
Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL …
Two exploit kits prey on Flash Player flaw patched only last week
Two exploit kits have been outfitted with the exploit for a Flash Player vulnerability that has been patched only a week ago, the researcher that goes by the handle Kafeine …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments