vulnerability
Trend Micro fixes two actively exploited zero-days in enterprise products
Trend Micro has fixed two actively exploited zero-day vulnerabilities in its Apex One and OfficeScan XG enterprise security products, and advises customers to update to the …
Some commercial password managers vulnerable to attack by fake apps
Security experts recommend using a complex, random and unique password for every online account, but remembering them all would be a challenging task. That’s where …
WordPress and Apache Struts weaponized vulnerabilities on the rise
Vulnerabilities in leading web and application frameworks, if exploited, can have devastating effects like the Equifax breach which affected 147 million people, according to …
Can 5G make you more vulnerable to cyberattacks?
Many enterprises and sectors are unaware of the 5G security vulnerabilities that exist today. Choice IoT says it’s critical for businesses to have a plan for discovering and …
Number of open source vulnerabilities surged in 2019
The number of disclosed open source software vulnerabilities in 2019 reached over 6000, up from just over 4,000 in 2018, a new WhiteSource report says. “This can be …
Most computers easy to hack due to vulnerability in memory chips
Most computer systems are still very easy to hack, due to a vulnerability in memory chips produced by Samsung, Micron and Hynix, according to a study by researchers from VUSec …
Microsoft releases patch for leaked SMBv3 RCE flaw
After the inadvertent leaking of details about a wormable Windows SMBv3 RCE flaw (CVE-2020-0796) on Tuesday, Microsoft has rushed to release a patch (i.e., security updates). …
Scientists expose another security flaw in Intel processors
Computer scientists at KU Leuven have once again exposed a security flaw in Intel processors. Jo Van Bulck, Frank Piessens, and their colleagues in Austria, the United States, …
Wormable Windows SMBv3 RCE flaw leaked, but not patched
Yesterday, when Microsoft released its regular Patch Tuesday fixes, Cisco Talos and Fortinet inadvertently(?) also published information about CVE-2020-0796, a …
Hackers are compromising vulnerable ManageEngine Desktop Central instances
Is your organization using ManageEngine Desktop Central? If the answer is yes, make sure you’ve upgraded to version 10.0.474 or risk falling prey to attackers who are …
Corporate cybersecurity concerns and spend continue to rise, but so do breaches
More than 50 percent of security and IT leaders agree that they are very concerned about the security of corporate endpoints given the prevalence of sophisticated attack …
Researchers use ultrasound waves vibrating through tables to access cellphones
Ultrasonic waves don’t make a sound, but they can still activate Siri on your cellphone and have it make calls, take images or read the contents of a text to a stranger. …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?