vulnerability
Flaws in the design of IoT devices prevent them from notifying homeowners about problems
Design flaws in smart home Internet of Things (IoT) devices that allow third parties to prevent devices from sharing information have been identified by researchers at North …
Flaw in pre-installed software opens Dell computers to remote hijack
Dell computer owners should update the Dell SupportAssist software as soon as possible to close a high-risk remote code execution vulnerability. What is Dell SupportAssist? …
Attackers actively exploiting Atlassian Confluence and Oracle WebLogic flaws
Attackers are actively exploiting recently fixed vulnerabilities in Oracle WebLogic and the Widget Connector macro in Atlassian Confluence to deliver ransomware, mine …
Cybercriminals are becoming more methodical and adaptive
Cybercriminals are deviating towards a more focused approach against targets by using better obfuscation techniques and improved social engineering skills as organizations …
Qualcomm chips leak crypto data from secure execution environment
A vulnerability in Qualcomm chips could be exploited by attackers to retrieve encryption keys and sensitive information from the chipsets’ secure execution environment, …
Legacy infrastructures and unmanaged devices top security risks in the healthcare industry
The proliferation of healthcare IoT devices, along with unpartitioned networks, insufficient access controls and the reliance on legacy systems, has exposed a vulnerable …
Attackers are weaponizing more vulnerabilities than ever before
2018 had the most weaponized vulnerabilities ever (177), which represents a 139% increase compared to 2017, according to the RiskSense latest report. In addition, the rate of …
Bad security hygiene still a major risk for enterprise IT networks
Unpatched vulnerabilities, along with growing network and application complexity pose an ongoing security risk which could threaten the security of enterprise IT networks. …
Enterprise VPN apps store authentication and session cookies insecurely
CVE-2019-1573, a flaw that makes VPN applications store the authentication and/or session cookies insecurely (i.e. unencrypted) in memory and/or log files, affects a yet to be …
WPA3 design flaws affect security of new Wi-Fi standard
Researchers have discovered a number of design flaws affecting the security of the recently introduced WPA3 data transmission protocol. Collectively dubbed Dragonblood …
Mainframe security is top priority for 85% of IT pros yet few are adequately protecting their systems
While 85 percent of companies say mainframe security is a top priority, just 33 percent always or often make mainframe decisions based on security. The “Don’t Let Mainframe …
PoC exploit for Carpe Diem Apache bug released
Charles Fol, the security engineer that unearthed the Carpe Diem Apache HTTP Server bug (CVE-2019-0211), has released an exploit for it. “This is between a POC and a …