vulnerability
A new way for securing web browsers from hackers
A powerful new approach to securing web browsers is getting its first real-world application in the Firefox browser. Developed by a team of researchers from The University of …
Flaw affecting 1B+ Wi-Fi-enabled devices allows attackers to decrypt wireless network packets
ESET researchers have discovered Kr00k (CVE-2019-15126), a previously unknown vulnerability in Wi-Fi chips used in many client devices, Wi-Fi access points and routers. Kr00k …
Attackers probing for vulnerable Microsoft Exchange Servers, is yours one of them?
CVE-2020-0688, a remote code execution bug in Microsoft Exchange Server that has been squashed by Microsoft in early February, is ripe for exploitation and could become a …
Combat complexity to prevent cybersecurity fatigue
In today’s security landscape, the average company uses more than 20 security technologies. While vendor consolidation is steadily increasing with 86 percent of organizations …
A new RCE in OpenSMTPD’s default install, patch available
Less than a month after the patching of a critical RCE flaw in OpenSMTPD, OpenBSD’s mail server, comes another call to upgrade to the latest version, as two additional …
By exploiting an LTE vulnerability, attackers can impersonate mobile phone users
Exploiting a vulnerability in the mobile communication standard LTE, researchers at Ruhr-Universität Bochum can impersonate mobile phone users. Consequently, they can book …
Organizations lack confidence in their network security
IoT is barreling toward the enterprise, but organizations remain highly vulnerable to IoT-based attacks, according to Extreme Networks. The report, which surveyed 540 IT …
Cisco drops security fixes for Smart Software Manager, security appliances
Cisco has released a new batch of security fixes for a number of its products, including its Smart Software Manager On-Prem solution and its Email Security and Content …
High-risk vulnerabilities and public cloud-based attacks on the rise
A sharp increase (57%) in high-risk vulnerabilities drove the threat index score up 8% from December 2019 to January 2020, according to the Imperva Cyber Threat Index. …
Seven cybersecurity and privacy forecasts for 2020
The developments in the area of cybersecurity are alarming. As the number of smart devices in private households increases, so do the opportunities for cyber criminals to …
A closer look at the global threat landscape
60% of initial entries into victims’ networks leveraged either previously stolen credentials or known software vulnerabilities, allowing attackers to rely less on deception to …
12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks
A vulnerability (CVE-2020-2100) in 12,000+ internet-facing Jenkins servers can be abused to mount and amplify reflective DDoS attacks against internet hosts, Radware …