vulnerability
StrandHogg 2.0: Critical Android flaw allows app hijacking, data theft
Google has released a patch for CVE-2020-0096, a critical escalation of privilege vulnerability in Android that allows attackers to hijack apps (tasks) on the victim’s …
Computer science student discovers privacy flaws in security and doorbell cameras
Ring, Nest, SimpliSafe and eight other manufacturers of internet-connected doorbell and security cameras have been alerted to systemic design flaws discovered by Florida Tech …
C-suite execs often pressure IT teams to make security exceptions for them
The C-suite is the most likely group within an organization to ask for relaxed mobile security protocols (74%) – despite also being highly targeted by malicious cyberattacks, …
Application threats and security trends you need to know about
Applications are a gateway to valuable data, so it’s no wonder they are one of attackers’ preferred targets. And since modern applications aren’t a …
23% of leading banks had an exposed database with potential data leakage
Reposify unveiled research findings of critical asset exposures and vulnerabilities in attack surfaces of the world’s leading multinational banks. Researchers measured …
Cisco fixes critical RCE flaw in call center solution
Cisco has patched a critical remote code execution hole (CVE-2020-3280) in Cisco Unified Contact Center Express, its “contact center in a box” solution, and is …
Signal fixes location-revealing flaw, introduces Signal PINs
Signal has fixed a vulnerability affecting its popular eponymous secure communications app that allowed bad actors to discover and track a user’s location. The non …
How secure are open source libraries?
Seven in 10 applications have a security flaw in an open source library, highlighting how use of open source can introduce flaws, increase risk, and add to security debt, a …
Vulnerability in Qmail mail transport agent allows RCE
Qualys researchers have found a way to exploit an previously known (and very old) vulnerability in Qmail, a secure mail transport agent, to achieve both remote code execution …
With the threat landscape continuously changing, businesses must be ready for anything
Despite efforts by organizations to layer up their cyber defenses, the threat landscape is changing, attackers are innovating and automating their attacks, NTT reveals. The …
Businesses vulnerable to emerging risks have a gap in their insurance coverage
The majority of business decision makers are insured against traditional cyber risks, such as breaches of personal information, but most were vulnerable to emerging risks, …
Fear the PrintDemon? Upgrade Windows to patch easily exploited flaw
Among the vulnerabilities patched by Microsoft on May 2020 Patch Tuesday is CVE-2020-1048, a “lowly” privilege escalation vulnerability in the Windows Print …