vulnerability

Visit/security/vulnerability/356295/microsoft-patches-high-risk-flaws-that-can-be-exploited-with-a
vulnerability

Microsoft releases urgent patch for high-risk Windows 10 flaws

Two vulnerabilities in the Windows Codecs Library affected customers using several iterations of Windows 10 and Windows Server
1 Jul 2020
Visit/security/vulnerability/356281/hackers-primed-to-exploit-cvss-10-rated-flaw-in-palo-altos-pan-os
vulnerability

Hackers primed to exploit CVSS 10-rated flaw in Palo Alto's PAN-OS

The SAML-based authentication flaw in the firm’s networking services allows an attacker to gain access to assets
30 Jun 2020
Visit/security/vulnerability/356141/severe-cisco-webex-flaw-grants-hackers-access-to-meeting-data
vulnerability

‘Severe’ Cisco WebEx flaw grants hackers access to meeting data

The memory leakage vulnerability has been patched, with Cisco urging users to update their clients immediately
19 Jun 2020
Visit/security/vulnerability/356126/ibm-patches-highly-dangerous-maximo-asset-management-flaw
vulnerability

IBM patches "highly dangerous" Maximo Asset Management flaw

Companies in aerospace, nuclear power and pharmaceutics are vulnerable to server-side request forgery attacks
18 Jun 2020
Advertisement
Visit/security/hacking/356102/cia-vault-7-leak-woefully-lax-cyber-security
hacking

CIA Vault 7 leak blamed on "woefully lax" attitude to cyber security

Internal report reveals CIA division was ‘so focused on cyber weapons’ it neglected the security basics
17 Jun 2020
Visit/security/vulnerability/355979/open-source-vulnerabilities-doubled-in-2019
vulnerability

Open source vulnerabilities more than doubled in 2019

As open source is becoming more widely used, so are exploitable security vulnerabilities
9 Jun 2020
Visit/wannacry/34352/what-is-wannacry
WannaCry

What is WannaCry?

The full story behind one of the worst ransomware outbreaks in history
2 Jun 2020
Visit/security/vulnerability/355799/strandhogg-20-flaw-allows-hackers-to-hijack-almost-any-android-app
vulnerability

StrandHogg 2.0 flaw allows hackers to hijack almost any Android app

The second-generation Android vulnerability is ‘even more dangerous and difficult to detect'
27 May 2020
Advertisement
Visit/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

Rootkit Buster tool is plagued with "terrible code" designed to evade Microsoft’s WHQL driver certification
27 May 2020
Visit/security/vulnerability/355694/bluetooth-flaw-bias-attacks
vulnerability

Bluetooth pairing flaw exposes devices to BIAS attacks

Bluetooth SIG has been forced to update the core specification after researchers reveal a severe flaw in BR/EDR pairing
19 May 2020
Advertisement
Visit/security/vulnerability/355634/the-top-ten-most-commonly-exploited-vulnerabilities-revealed
Data on screen, viewed by shadowy hacker
vulnerability

The top ten most-commonly exploited vulnerabilities revealed

Flaws in Microsoft’s OLE technology are at the heart of some of the most widely-used attacks since 2016
13 May 2020
Visit/security/vulnerability/355597/thunderbolt-ports-forever-vulnerable-to-attack-in-devices-built-pre
vulnerability

Thunderbolt flaw exposes millions of PCs to attack

Hackers can bypass lock screens and hard drive encryption to copy data from targeted devices
11 May 2020
Visit/security/vulnerability/355424/apple-finds-no-evidence-hackers-exploited-critical-ios-mail-flaws
vulnerability

Apple finds "no evidence" hackers exploited critical iOS Mail flaws

The developer pours cold water over ZecOps' claims that businesses have been targeted since January 2018
24 Apr 2020
Visit/security/vulnerability/355415/two-severe-ios-mail-flaws-being-exploited-in-the-wild
vulnerability

Apple Mail on iOS has two severe "zero-click" flaws

The eight-year-old vulnerabilities can be triggered by cyber criminals on iOS 13 without any user action
23 Apr 2020
Advertisement
Visit/business-strategy/disaster-recovery-dr/355412/the-all-in-one-vulnerability-management-service
Whitepaperwhitepaper

Introducing VMDR: Vulnerability Management, Detection and Response

The all-in-one vulnerability management service
23 Apr 2020
Visit/security/vulnerability/355339/hackers-marketing-critical-zoom-windows-client-bug-for-500000
vulnerability

Hackers advertise critical Zoom Windows bug for $500,000

Two zero-days for Windows and MacOS are being sold, including an RCE flaw that paves the way for full PC takeover
16 Apr 2020
Visit/security/vulnerability/355276/businesses-brace-for-second-fujiwhara-effect-of-2020-as-patch-tuesday
vulnerability

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

Organisations set for a day of chaos on 14 April as vendors plan to fix 500-plus software vulnerabilities at once
9 Apr 2020
Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

After ten issues were reported in the pre-loaded ‘bloatware’ last year, three privilege escalation bugs remain unfixed
6 Apr 2020
Visit/security/vulnerability/354965/microsoft-accidentally-leaks-details-on-a-wormable-smb-flaw
vulnerability

Microsoft accidentally leaks details on a wormable SMB flaw

No patch is currently available for the vulnerability, which has now been publicly acknowledged
11 Mar 2020
Visit/security/vulnerability/354867/billion-plus-wi-fi-devices-hit-by-kr00k-vulnerability
vulnerability

Billion-plus Wi-Fi devices hit by serious Kr00k vulnerability

The flaw chiefly affects Broadcom and Cypress Wi-Fi chips and is related to the infamous KRACK attacks
27 Feb 2020
Advertisement
Visit/security/exploits/354731/microsoft-products-targeted-by-most-widely-used-exploits-in-2019
exploits

Microsoft products targeted by most widely-used exploits in 2019

Eight of the top ten exploitable flaws targeted Microsoft software, in addition to two Adobe Flash Player vulnerabilities
7 Feb 2020
Visit/security/vulnerability/354728/bluetooth-hijack-bug-among-25-android-flaws-patched-in-february
vulnerability

Bluetooth hijack bug among 25 Android flaws patched in February

Attackers could have exploited the flaw on older systems to execute arbitrary code on target devices
7 Feb 2020
Visit/security/network-security/354623/cisco-fixes-critical-flaw-in-network-management-platform
network security

Cisco fixes critical flaw in network management platform

The latest security hole is patched just days before the firm’s flagship Cisco Live 2020 conference
24 Jan 2020