vulnerability
Seven cybersecurity and privacy forecasts for 2020
The developments in the area of cybersecurity are alarming. As the number of smart devices in private households increases, so do the opportunities for cyber criminals to …
A closer look at the global threat landscape
60% of initial entries into victims’ networks leveraged either previously stolen credentials or known software vulnerabilities, allowing attackers to rely less on deception to …
12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks
A vulnerability (CVE-2020-2100) in 12,000+ internet-facing Jenkins servers can be abused to mount and amplify reflective DDoS attacks against internet hosts, Radware …
Ransomware uses vulnerable, signed driver to disable endpoint security
Ransomware-wielding attackers have devised a novel tactic for disabling security protections that might get in their way: they are using a deprecated, vulnerable but signed …
CDPwn vulnerabilities open millions of Cisco enterprise devices to attack
If you have Cisco equipment in your enterprise network – and chances are good that you have – you should check immediately which feature the newly revealed CDPwn …
Touch panels deployed in critical infrastructure vulnerable to remote attacks
Manufacturing facilities and processing centers using AutomationDirect C-more Touch Panels are advised to upgrade their firmware ASAP, as older versions contain a high-risk …
Secure 5G networks: EU toolbox of risk mitigating measures
EU Member States have identified risks and vulnerabilities at national level and published a joint EU risk assessment. Through the toolbox, the Member States are committing to …
93% of attempted mobile transactions in 2019 were fraudulent
93 percent of total mobile transactions in 20 countries were blocked as fraudulent in 2019 according to a report on the state of malware and mobile ad fraud released by …
68% of organizations were victims of endpoint attacks in 2019
Organizations are not making progress in reducing their endpoint security risk, especially against new and unknown threats, a Ponemon Institute study reveals. 68% IT security …
Magento patches critical code execution vulnerabilities, upgrade ASAP!
Adobe-owned Magento has plugged multiple critical vulnerabilities in its eponymous content management system, the most severe of which could be exploited by attackers to …
Critical RCE flaw in OpenSMTPD, patch available
Qualys researchers have discovered a critical vulnerability (CVE-2020-7247) in OpenBSD’s OpenSMTPD mail server, which can allow attackers to execute arbitrary shell commands …
How to detect and prevent issues with vulnerable LoRaWAN networks
IOActive researchers found that the LoRaWAN protocol – which is used across the globe to transmit data to and from IoT devices in smart cities, Industrial IoT, smart homes, …