vulnerability
Unpatchable KeyWe smart lock can be easily picked
A design flaw in the KeyWe smart lock (GKW-2000D), which is mostly used for remote-controlled entry to private residences, can be exploited by attackers to gain access to the …
December 2019 Patch Tuesday: Microsoft fixes one actively exploited zero-day
For December 2019 Patch Tuesday, Microsoft and Adobe have released the final scheduled security updates for this year, Intel has fixed Plundervolt, and Google has delivered …
How do SMBs plan to improve their security posture in 2020?
With cybersecurity concerns already mounting ahead of the 2020 presidential election, SMB executives are turning their attention to how these threats could impact their own …
Crooks are exploiting unpatched Android flaw to drain users’ bank accounts
Hackers are actively exploiting StrandHogg, a newly revealed Android vulnerability, to steal users’ mobile banking credentials and empty their accounts, a Norwegian app …
CVE gap widens: 16,738 vulnerabilities disclosed during the first nine months of 2019
Risk Based Security’s VulnDB team aggregated 16,738 newly-disclosed vulnerabilities during the first three quarters of 2019 which surpassed CVE/NVD by 5,970 during the same …
Apache Solr RCEs with public PoCs could soon be exploited
Two remote code execution (RCE) vulnerabilities in Apache Solr could be exploited by attackers to compromise the underlying server. One – CVE-2019-12409 – has …
Cybercriminals targeting e-commerce website vulnerabilities this holiday season
Expect unprecedented levels of online data theft this holiday season due to a lack of deployed client-side security measures. Disturbing lack of security measures Tala …
Driving collaboration between security and IT ops teams is a major challenge
Strained relationships between security and IT ops teams leave businesses vulnerable to disruption, even with increased spending on IT security and management tools, a Tanium …
Inadequate data sanitization puts enterprises at risk of breaches and compliance failures
Global enterprises’ overconfidence and inadequate data sanitization are exposing organizations to the risk of data breach, at a time when proper data management should be at …
Android camera apps could be hijacked to spy on users
A vulnerability in the Google Camera app may have allowed attackers to surreptitiously take pictures and record videos even if the phone is locked or the screen is off, …
The way Bluetooth devices ‘talk’ to apps leaves them vulnerable
Mobile apps that work with Bluetooth devices have an inherent design flaw that makes them vulnerable to hacking, a research has found. Where is the issue? The problem lies in …
WhatsApp RCE flaw can be exploited by sending malicious MP4 files
Facebook has patched a critical vulnerability (CVE-2019-11931) affecting various versions of its popular WhatsApp Messenger app and is urging users to update as soon as …