vulnerability
Scientists expose another security flaw in Intel processors
Computer scientists at KU Leuven have once again exposed a security flaw in Intel processors. Jo Van Bulck, Frank Piessens, and their colleagues in Austria, the United States, …
Wormable Windows SMBv3 RCE flaw leaked, but not patched
Yesterday, when Microsoft released its regular Patch Tuesday fixes, Cisco Talos and Fortinet inadvertently(?) also published information about CVE-2020-0796, a …
Hackers are compromising vulnerable ManageEngine Desktop Central instances
Is your organization using ManageEngine Desktop Central? If the answer is yes, make sure you’ve upgraded to version 10.0.474 or risk falling prey to attackers who are …
Corporate cybersecurity concerns and spend continue to rise, but so do breaches
More than 50 percent of security and IT leaders agree that they are very concerned about the security of corporate endpoints given the prevalence of sophisticated attack …
Researchers use ultrasound waves vibrating through tables to access cellphones
Ultrasonic waves don’t make a sound, but they can still activate Siri on your cellphone and have it make calls, take images or read the contents of a text to a stranger. …
You are focusing too much on vulnerabilities that pose little danger
Only half of the vulnerabilities in cloud containers ever posed a threat, according to a Rezilion study. The top 20 most popular container images on DockerHub were analyzed to …
CWE list now includes hardware security weaknesses
The Mitre Corporation has released version 4.0 of the Common Weakness Enumeration (CWE) list, which has been expanded to include hardware security weaknesses. About CWE The …
A new way for securing web browsers from hackers
A powerful new approach to securing web browsers is getting its first real-world application in the Firefox browser. Developed by a team of researchers from The University of …
Flaw affecting 1B+ Wi-Fi-enabled devices allows attackers to decrypt wireless network packets
ESET researchers have discovered Kr00k (CVE-2019-15126), a previously unknown vulnerability in Wi-Fi chips used in many client devices, Wi-Fi access points and routers. Kr00k …
Attackers probing for vulnerable Microsoft Exchange Servers, is yours one of them?
CVE-2020-0688, a remote code execution bug in Microsoft Exchange Server that has been squashed by Microsoft in early February, is ripe for exploitation and could become a …
Combat complexity to prevent cybersecurity fatigue
In today’s security landscape, the average company uses more than 20 security technologies. While vendor consolidation is steadily increasing with 86 percent of organizations …
A new RCE in OpenSMTPD’s default install, patch available
Less than a month after the patching of a critical RCE flaw in OpenSMTPD, OpenBSD’s mail server, comes another call to upgrade to the latest version, as two additional …
Featured news
Resources
Don't miss
- Deploying AI at the edge: The security trade-offs and how to manage them
- Cybercrime forums Cracked and Nulled seized, operators arrested
- SimpleHelp RMM vulnerabilities may have been exploited to breach healthcare orgs
- Zscaler CISO on balancing security and user convenience in hybrid work environments
- ExtensionHound: Open-source tool for Chrome extension DNS forensics