vulnerability
The pace of vulnerability disclosure shows no signs of slowing
Unless the pace of vulnerability disclosure slows down in the coming quarters, we are looking at yet another record-breaking year, according to Risk Based Security’s …
SAP systems: The threat of insecure configurations
Onapsis researchers revealed a critical security configuration vulnerability that results from default installations in SAP systems which if left insecure, could lead to a …
Crypto flaw in Oracle Access Manager can let attackers pass through
A padding oracle vulnerability in Oracle Access Manager (CVE-2018-2879) can be exploited by attackers to bypass authentication and impersonate any user account. About the …
It’s time to update your Cisco WebEx software again!
Cisco has released security updates for a variety of its offerings, including some that fix critical remote code execution vulnerabilities in Webex software, Cisco Secure ACS …
Most SAP systems vulnerable to critical security configuration risk
Onapsis researchers revealed a critical security configuration vulnerability that results from default installations in SAP systems which if left insecure, could lead to a …
Apple device users, stay away from QR codes until you upgrade
It’s time to update your Mac and iOS-powered devices again: Apple has plugged four vulnerabilities, two of which could be exploited to execute arbitrary code if a user …
Cisco plugs critical hole in WebEx, users urged to upgrade ASAP
Cisco has fixed a critical vulnerability in its Webex videoconferencing software that could be exploited to compromise meeting attendees’ systems by simply opening a …
Moxa plugs serious vulnerabilities in industrial secure router
A slew of serious vulnerabilities in the Moxa EDR-810 series of industrial secure routers could be exploited to inject OS commands, intercept weakly encrypted or extract clear …
Emergency alert systems used across the US can be easily hijacked
A vulnerability affecting emergency alert systems supplied by ATI Systems, one of the leading suppliers of warning sirens in the USA, could be exploited remotely via radio …
Hackers leverage flaw in Cisco switches to hit Russian, Iranian networks
The proof-of-concept exploit code for a vulnerability affecting many Cisco switches has been leveraged by vigilante hackers to mess with networks and data-centers in Russia …
Easily exploited flaw in Microsoft Malware Protection Engine allows total system compromise
A critical and extremely easily exploitable vulnerability in the Microsoft Malware Protection Engine (MMPE) has been patched through an out-of-band security update pushed out …
Intel will not provide Spectre/Meltdown microcode updates for some processor families
Intel has decided not to provide microcode updates to plug Spectre and Meltdown vulnerabilities in a number of older processors. According to the last update (April 2, 2018) …