vulnerability
Urgent11 flaws affect more medical, industrial devices than previously thought
When, in late July, Armis researchers revealed the existence of the so-called Urgent11 vulnerabilities in Wind River’s VxWorks real-time operating system, they noted …
Vulnerability in Cisco Webex and Zoom may expose online meetings to snooping
Cequence Security’s CQ Prime Threat Research Team discovered of a vulnerability in Cisco Webex and Zoom video conferencing platforms that potentially allows an attacker to …
DevSecOps is emerging as the main methodology for securing cloud-native applications
Only 8 percent of companies are securing 75 percent or more of their cloud-native applications with DevSecOps practices today, with that number jumping to 68 percent of …
Employees are mistakenly confident that they can spot phishing emails
While a majority (79%) of people say they are able to distinguish a phishing message from a genuine one, nearly half (49%) also admit to having clicked on a link from an …
vBulletin zero-day exploited in the wild in wake of exploit release
An anonymous bug hunter has released a working and elegantly simple exploit for a pre-authentication remote code execution flaw (CVE-2019-16759) affecting vBulletin and it …
Older vulnerabilities and those with lower severity scores still being exploited by ransomware
Almost 65% of top vulnerabilities used in enterprise ransomware attacks targeted high-value assets like servers, close to 55% had CVSS v2 scores lower than 8, nearly 35% were …
Disclosing vulnerabilities to improve software security is good for everyone
Today, software companies and security researchers are near universal in their belief that disclosing vulnerabilities to improve software security is good for everyone, …
A bug made some Windows Defender antivirus scans fail
Microsoft has released a fix for a bug that made its Windows Defender Antivirus fail after a few seconds when users opted for a Quick or Full scan of the system. Users are …
Researchers uncover 125 vulnerabilities across 13 routers and NAS devices
In a cybersecurity study of network attached storage (NAS) systems and routers, Independent Security Evaluators (ISE) found 125 vulnerabilities in 13 IoT devices, reaffirming …
Simjacker vulnerability actively exploited to track, spy on mobile phone owners
Following extensive research, AdaptiveMobile Security has uncovered a new and previously undetected vulnerability. This vulnerability is currently being exploited and is being …
September 2019 Patch Tuesday: Microsoft plugs two actively exploited zero-days
For the September 2019 Patch Tuesday, Microsoft delivered fixes for 80 CVE-numbered security issues (including to actively exploited zero-days), Adobe fixed flaws in Flash …
Critical Exim flaw opens servers to remote code execution, patch now!
The Exim mail transfer agent (MTA) is impacted by a critical vulnerability that may allow local or unauthenticated remote attackers to execute programs with root privileges on …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?