vulnerability
Mainframe security is top priority for 85% of IT pros yet few are adequately protecting their systems
While 85 percent of companies say mainframe security is a top priority, just 33 percent always or often make mainframe decisions based on security. The “Don’t Let Mainframe …
PoC exploit for Carpe Diem Apache bug released
Charles Fol, the security engineer that unearthed the Carpe Diem Apache HTTP Server bug (CVE-2019-0211), has released an exploit for it. “This is between a POC and a …
Magento sites under attack through easily exploitable SQLi flaw
A recently patched SQL injection flaw affecting the popular open-source e-commerce platform Magento is being actively exploited by attackers, so if you haven’t …
The unique business-critical threats facing converged IT-OT systems
Manufacturing networks still running outdated technology could risk their intellectual property and production processes. The Trend Micro report, Securing Smart Factories: …
Vulnerability found in Guard Provider, Xiaomi’s pre-installed security app
Check Point Research discovered a vulnerability in one of the preinstalled apps on devices manufactured by one of the world’s biggest mobile vendors, Xiaomi. The vulnerability …
Patched Apache flaw is a serious threat for web hosting providers
Organizations running Apache web servers are urged to implement the latest security update to fix a serious privilege escalation flaw (CVE-2019-0211) that can be triggered via …
Georgia Tech data breach: 1.3M students and staff potentially affected
The Georgia Institute of Technology, commonly referred to as Georgia Tech, has suffered yet another data breach. This time, the number of affected individuals may have reached …
Cisco botched patches for its RV320/RV325 routers
Cisco RV320 and RV325 WAN VPN routers are still vulnerable to attack through two flaws that Cisco had supposedly patched. #Cisco Small Business Routers still vulnerable to …
Apple fixed some interesting bugs in iOS and macOS
In addition to announcing a number of new products and subscription services, Apple has released security updates for iOS, macOS, Safari, tvOS, iTunes, iCloud, and Xcode. The …
2017 Cisco WebEx flaw increasingly leveraged by attackers, phishing campaigns rise
Network attacks targeting a vulnerability in the Cisco Webex Chrome extension have increased dramatically. In fact, they were the second-most common network attack, according …
Denial of Service vulnerability discovered in Triconex TriStation Software Suite Emulator
Applied Risk ICS Security Consultant Tom Westenberg discovered a DoS vulnerability in an emulated version of the Triconex TriStation Software Suite. Triconex is a Schneider …
March 2019 Patch Tuesday: Microsoft patches two actively exploited Windows flaws
As part of the March 2019 Patch Tuesday, Microsoft has released fixes for 64 CVE-numbered vulnerabilities, 17 of which are rated Critical and 45 Important. Interestingly …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?