vulnerability
December 2019 Patch Tuesday: Microsoft fixes one actively exploited zero-day
For December 2019 Patch Tuesday, Microsoft and Adobe have released the final scheduled security updates for this year, Intel has fixed Plundervolt, and Google has delivered …
How do SMBs plan to improve their security posture in 2020?
With cybersecurity concerns already mounting ahead of the 2020 presidential election, SMB executives are turning their attention to how these threats could impact their own …
Crooks are exploiting unpatched Android flaw to drain users’ bank accounts
Hackers are actively exploiting StrandHogg, a newly revealed Android vulnerability, to steal users’ mobile banking credentials and empty their accounts, a Norwegian app …
CVE gap widens: 16,738 vulnerabilities disclosed during the first nine months of 2019
Risk Based Security’s VulnDB team aggregated 16,738 newly-disclosed vulnerabilities during the first three quarters of 2019 which surpassed CVE/NVD by 5,970 during the same …
Apache Solr RCEs with public PoCs could soon be exploited
Two remote code execution (RCE) vulnerabilities in Apache Solr could be exploited by attackers to compromise the underlying server. One – CVE-2019-12409 – has …
Cybercriminals targeting e-commerce website vulnerabilities this holiday season
Expect unprecedented levels of online data theft this holiday season due to a lack of deployed client-side security measures. Disturbing lack of security measures Tala …
Driving collaboration between security and IT ops teams is a major challenge
Strained relationships between security and IT ops teams leave businesses vulnerable to disruption, even with increased spending on IT security and management tools, a Tanium …
Inadequate data sanitization puts enterprises at risk of breaches and compliance failures
Global enterprises’ overconfidence and inadequate data sanitization are exposing organizations to the risk of data breach, at a time when proper data management should be at …
Android camera apps could be hijacked to spy on users
A vulnerability in the Google Camera app may have allowed attackers to surreptitiously take pictures and record videos even if the phone is locked or the screen is off, …
The way Bluetooth devices ‘talk’ to apps leaves them vulnerable
Mobile apps that work with Bluetooth devices have an inherent design flaw that makes them vulnerable to hacking, a research has found. Where is the issue? The problem lies in …
WhatsApp RCE flaw can be exploited by sending malicious MP4 files
Facebook has patched a critical vulnerability (CVE-2019-11931) affecting various versions of its popular WhatsApp Messenger app and is urging users to update as soon as …
Do your infosec habits make you vulnerable to fraud?
A third of Americans have been a victim of information fraud or identity theft. Despite notable data breaches in 2019, when asked if they update or change passwords/PINs after …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?