vulnerability
Nearly a million WordPress sites targeted in extensive attacks
A threat actor is actively trying to insert a backdoor into and compromise WordPress-based sites to redirect visitors to malvertising. “While our records show that this …
SaltStack Salt vulnerabilities actively exploited by attackers, patch ASAP!
Two vulnerabilities in SaltStack Salt, an open-source remote task and configuration management framework, are being actively exploited by attackers, CISA warns. About …
Adobe fixes critical flaws in Magento, Adobe Illustrator and Bridge
Adobe has pushed out security updates fixing critical flaws in Magento Commerce, Open Source Enterprise and Community editions, Adobe Illustrator 2020 for Windows, and Adobe …
Massive work-from-home movement exposes cybersecurity weaknesses
News coverage of the recent uptick in cyber threat activity is showing an incomplete picture. Despite the focus on VPN hacks and attacks at home, computers at more than 50,000 …
Update MS Office, Paint 3D to plug RCE vulnerabilities
A week after the April 2020 Patch Tuesday, Microsoft has released out-of-band security updates for its Office suite, to fix a handful of vulnerabilities that attackers could …
Starbleed vulnerability: Attackers can gain control over FPGAs
Field Programmable Gate Arrays, FPGAs for short, are flexibly programmable computer chips that are considered very secure components in many applications. Starbleed …
Surge in remote working reveals concerns around unprotected endpoints
Millions of US businesses forced to rapidly support home working for employees are facing significant challenges to securely manage their IT networks. New research from Tanium …
Using Cisco IP phones? Fix these critical vulnerabilities
Cisco has released another batch of fixes for a number of its products. Among the vulnerabilities fixed are critical flaws affecting a variety of Cisco IP phones and Cisco UCS …
April 2020 Patch Tuesday: Microsoft fixes three actively exploited vulnerabilities
For the April 2020 Patch Tuesday, Adobe plugs 5 flaws and Microsoft 113, three of which are currently being exploited by attackers. Adobe’s updates On this Patch …
VMware plugs critical flaw in vCenter Server, patch ASAP!
VMware has fixed a critical vulnerability (CVE-2020-3952) affecting vCenter Server, which can be exploited to extract highly sensitive information that could be used to …
Shift to work-from-home: Most IT pros worried about cloud security
As most companies make the rapid shift to work-from-home to stem the spread of COVID-19, a significant percentage of IT and cloud professionals are concerned about maintaining …
Actively exploited MS Exchange flaw present on 80% of exposed servers
Attackers looking to exploit CVE-2020-0688, a critical Microsoft Exchange flaw patched by Microsoft in February 2020, don’t have to look hard to find a server they can …