vulnerability
A bug made some Windows Defender antivirus scans fail
Microsoft has released a fix for a bug that made its Windows Defender Antivirus fail after a few seconds when users opted for a Quick or Full scan of the system. Users are …
Researchers uncover 125 vulnerabilities across 13 routers and NAS devices
In a cybersecurity study of network attached storage (NAS) systems and routers, Independent Security Evaluators (ISE) found 125 vulnerabilities in 13 IoT devices, reaffirming …
Simjacker vulnerability actively exploited to track, spy on mobile phone owners
Following extensive research, AdaptiveMobile Security has uncovered a new and previously undetected vulnerability. This vulnerability is currently being exploited and is being …
September 2019 Patch Tuesday: Microsoft plugs two actively exploited zero-days
For the September 2019 Patch Tuesday, Microsoft delivered fixes for 80 CVE-numbered security issues (including to actively exploited zero-days), Adobe fixed flaws in Flash …
Critical Exim flaw opens servers to remote code execution, patch now!
The Exim mail transfer agent (MTA) is impacted by a critical vulnerability that may allow local or unauthenticated remote attackers to execute programs with root privileges on …
Critical vulnerabilities uncovered in Danfoss SCADA product, patch now!
Risk Based Security uncovered multiple vulnerabilities in the AK-EM 800 product from SCADA vendor Danfoss. The discovered vulnerabilities Researchers found two critical …
Security hole opens a billion Android users to advanced SMS phishing attacks
Check Point Research has revealed a security flaw in Samsung, Huawei, LG, Sony and other Android-based phones that leaves users vulnerable to advanced phishing attacks. The …
BMC vulnerabilities in Supermicro servers allow remote takeover, data exfiltration attacks
A slew of vulnerabilities affecting the baseboard management controllers (BMCs) of Supermicro servers could be exploited by remote attackers to gain access to corporate …
Attackers are exploiting vulnerable WP plugins to backdoor sites
A group of attackers that has been injecting WordPress-based sites with a script redirecting visitors to malicious and fraudulent pages has now also started backdooring the …
Google discovers websites exploiting iPhones, pushing spying implants en masse
Unidentified attackers have been compromising websites for nearly three years, equipping them with exploits that would hack visiting iPhones without any user interaction and …
Attackers are targeting vulnerable Fortigate and Pulse Secure SSL VPNs
Attackers are taking advantage of recently released vulnerability details and PoC exploit code to extract private keys and user passwords from vulnerable Pulse Connect Secure …
Five vendors accounted for 24.1% of vulnerabilities in 2019 so far
Risk Based Security reported today that VulnDB aggregated 11,092 vulnerabilities with disclosure dates during the first half of 2019, with CVE/NVD falling behind by 4,332 …