vulnerability
Cisco botched patches for its RV320/RV325 routers
Cisco RV320 and RV325 WAN VPN routers are still vulnerable to attack through two flaws that Cisco had supposedly patched. #Cisco Small Business Routers still vulnerable to …
Apple fixed some interesting bugs in iOS and macOS
In addition to announcing a number of new products and subscription services, Apple has released security updates for iOS, macOS, Safari, tvOS, iTunes, iCloud, and Xcode. The …
2017 Cisco WebEx flaw increasingly leveraged by attackers, phishing campaigns rise
Network attacks targeting a vulnerability in the Cisco Webex Chrome extension have increased dramatically. In fact, they were the second-most common network attack, according …
Denial of Service vulnerability discovered in Triconex TriStation Software Suite Emulator
Applied Risk ICS Security Consultant Tom Westenberg discovered a DoS vulnerability in an emulated version of the Triconex TriStation Software Suite. Triconex is a Schneider …
March 2019 Patch Tuesday: Microsoft patches two actively exploited Windows flaws
As part of the March 2019 Patch Tuesday, Microsoft has released fixes for 64 CVE-numbered vulnerabilities, 17 of which are rated Critical and 45 Important. Interestingly …
Exploitation of vulnerabilities in Moxa industrial switches could disrupt communication between ICS components
Positive Technologies experts Ivan Boyko, Vyacheslav Moskvin, and Sergey Fedonin have discovered multiple vulnerabilities in Moxa industrial switches in the EDS-405A, …
The reality of container escapes
In this Help Net Security podcast recorded at RSA Conference 2019, Brandon Edwards, Chief Scientist at Capsule8, talks about container escapes. Here’s a transcript of the …
Researchers create system that predicts vulnerability severity from tweets
To what extent do users’ opinions about threat severity expressed online align with expert judgments and can these opinions provide an early indicator to help prioritize …
Zero-day Chrome/Windows combo actively exploited in the wild
We now know why a number of Googlers made a point to urge users to implement the latest Chrome update as soon as possible: the vulnerability (CVE-2019-5786) is definitely …
Windows Servers in danger of being compromised via WDS bug
Checkpoint has released more details about CVE-2018-8476, a critical remote code execution vulnerability affecting all Windows Servers since 2008 SP2. The bug was responsibly …
A third of 2018’s vulnerabilities have public exploits, 50% can be exploited remotely
Over 22,000 new vulnerabilities were disclosed during 2018, according to Risk Based Security’s 2018 Year End Vulnerability QuickView Report. While approximately 33% of …
Researchers and businesses need to work together to expose IoT vulnerabilities
As the Internet of Things (IoT) grows and smart devices gain popularity, cybercriminals will continue to find new ways to exploit all connected things. Two new vulnerabilities …