vulnerability
A closer look at the global threat landscape
60% of initial entries into victims’ networks leveraged either previously stolen credentials or known software vulnerabilities, allowing attackers to rely less on deception to …
12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks
A vulnerability (CVE-2020-2100) in 12,000+ internet-facing Jenkins servers can be abused to mount and amplify reflective DDoS attacks against internet hosts, Radware …
Ransomware uses vulnerable, signed driver to disable endpoint security
Ransomware-wielding attackers have devised a novel tactic for disabling security protections that might get in their way: they are using a deprecated, vulnerable but signed …
CDPwn vulnerabilities open millions of Cisco enterprise devices to attack
If you have Cisco equipment in your enterprise network – and chances are good that you have – you should check immediately which feature the newly revealed CDPwn …
Touch panels deployed in critical infrastructure vulnerable to remote attacks
Manufacturing facilities and processing centers using AutomationDirect C-more Touch Panels are advised to upgrade their firmware ASAP, as older versions contain a high-risk …
Secure 5G networks: EU toolbox of risk mitigating measures
EU Member States have identified risks and vulnerabilities at national level and published a joint EU risk assessment. Through the toolbox, the Member States are committing to …
93% of attempted mobile transactions in 2019 were fraudulent
93 percent of total mobile transactions in 20 countries were blocked as fraudulent in 2019 according to a report on the state of malware and mobile ad fraud released by …
68% of organizations were victims of endpoint attacks in 2019
Organizations are not making progress in reducing their endpoint security risk, especially against new and unknown threats, a Ponemon Institute study reveals. 68% IT security …
Magento patches critical code execution vulnerabilities, upgrade ASAP!
Adobe-owned Magento has plugged multiple critical vulnerabilities in its eponymous content management system, the most severe of which could be exploited by attackers to …
Critical RCE flaw in OpenSMTPD, patch available
Qualys researchers have discovered a critical vulnerability (CVE-2020-7247) in OpenBSD’s OpenSMTPD mail server, which can allow attackers to execute arbitrary shell commands …
How to detect and prevent issues with vulnerable LoRaWAN networks
IOActive researchers found that the LoRaWAN protocol – which is used across the globe to transmit data to and from IoT devices in smart cities, Industrial IoT, smart homes, …
MDhex vulnerabilities open GE Healthcare patient monitoring devices to attackers
Researchers have discovered six critical and high-risk vulnerabilities – collectively dubbed MDhex – affecting a number of patient monitoring devices manufactured …