vulnerability
Researchers use ultrasound waves vibrating through tables to access cellphones
Ultrasonic waves don’t make a sound, but they can still activate Siri on your cellphone and have it make calls, take images or read the contents of a text to a stranger. …
You are focusing too much on vulnerabilities that pose little danger
Only half of the vulnerabilities in cloud containers ever posed a threat, according to a Rezilion study. The top 20 most popular container images on DockerHub were analyzed to …
CWE list now includes hardware security weaknesses
The Mitre Corporation has released version 4.0 of the Common Weakness Enumeration (CWE) list, which has been expanded to include hardware security weaknesses. About CWE The …
A new way for securing web browsers from hackers
A powerful new approach to securing web browsers is getting its first real-world application in the Firefox browser. Developed by a team of researchers from The University of …
Flaw affecting 1B+ Wi-Fi-enabled devices allows attackers to decrypt wireless network packets
ESET researchers have discovered Kr00k (CVE-2019-15126), a previously unknown vulnerability in Wi-Fi chips used in many client devices, Wi-Fi access points and routers. Kr00k …
Attackers probing for vulnerable Microsoft Exchange Servers, is yours one of them?
CVE-2020-0688, a remote code execution bug in Microsoft Exchange Server that has been squashed by Microsoft in early February, is ripe for exploitation and could become a …
Combat complexity to prevent cybersecurity fatigue
In today’s security landscape, the average company uses more than 20 security technologies. While vendor consolidation is steadily increasing with 86 percent of organizations …
A new RCE in OpenSMTPD’s default install, patch available
Less than a month after the patching of a critical RCE flaw in OpenSMTPD, OpenBSD’s mail server, comes another call to upgrade to the latest version, as two additional …
By exploiting an LTE vulnerability, attackers can impersonate mobile phone users
Exploiting a vulnerability in the mobile communication standard LTE, researchers at Ruhr-Universität Bochum can impersonate mobile phone users. Consequently, they can book …
Organizations lack confidence in their network security
IoT is barreling toward the enterprise, but organizations remain highly vulnerable to IoT-based attacks, according to Extreme Networks. The report, which surveyed 540 IT …
Cisco drops security fixes for Smart Software Manager, security appliances
Cisco has released a new batch of security fixes for a number of its products, including its Smart Software Manager On-Prem solution and its Email Security and Content …
High-risk vulnerabilities and public cloud-based attacks on the rise
A sharp increase (57%) in high-risk vulnerabilities drove the threat index score up 8% from December 2019 to January 2020, according to the Imperva Cyber Threat Index. …
Featured news
Resources
Don't miss
- Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
- The Zoom attack you didn’t see coming
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
- The UK’s phone theft crisis is a wake-up call for digital security
- Securing digital products under the Cyber Resilience Act