Tag: flaw

September 26, 2019

Cisco has disclosed over a dozen high-severity vulnerabilities affecting the widely deployed Cisco IOS and IOS XE network automation software, including a nasty one affecting its industrial routers and grid routers. The company is also warning customers to disable an […]

August 30, 2019

Google Project Zero, a group that examines and publishes security and privacy exploits it finds in public software, said on Thursday evening there were huge security holes in iPhone software that existed for two years. The exploits gave attackers access […]

August 20, 2019

Security researchers have discovered an unpatchable security flaw in a popular brand of system-on-chip (SoC) boards manufactured by Xilinx. The vulnerable component is Xilinx’s Zynq UltraScale+ brand, which includes system-on-chip (SoC), multi-processor system-on-chip (MPSoC), and radio frequency system-on-chip (RFSoC) products […]

June 20, 2019

Networking giant Cisco has disclosed two critical vulnerabilities affecting core equipment in the data center that could give determined attackers an avenue to break into networks. Cisco’s Digital Network Architecture (DNA) Center appliance has once again been found to be […]

June 19, 2019

Every headline-grabbing cyberattack unveils new sophisticated hacking techniques, but the attacker’s portrait remains the same: a modern-day professional with a strong sense of curiosity, patience, and social skills that thoroughly examines a company’s systems, takes note of every vulnerability, then […]

June 5, 2019

The National Security Agency has issued a rare advisory warning users to update their systems to protect against BlueKeep, a new security vulnerability with the capacity to rapidly spread between computers. The “critical”-rated bug affecting computers running Windows XP and […]

April 2, 2019

Security vulnerabilities in the mobile applications of 30 financial services providers are putting the institutions and their customers at risk. Exposed source code, sensitive data, access to backend services via APIs and more have been uncovered after a researcher downloaded […]

February 21, 2019

The Drupal project is urging website admins to install updates immediately after disclosing a highly-critical remote code execution bug affecting the Drupal core CMS. The bug was considered serious enough for Drupal’s security team to warn admins a day in […]

July 24, 2018

A cryptographic bug in many Bluetooth firmware and operating system drivers could allow an attacker within about 30 meters to capture and decrypt data shared between Bluetooth-paired devices. The flaw was found by Lior Neumann and Eli Biham of the […]

July 19, 2018

Cisco has resolved a set of critical vulnerabilities in Policy Suite which permit attackers to cause havoc in the software’s databases. This week, the tech giant released a security advisory detailing four vulnerabilities which could place enterprise users at risk […]

June 28, 2018

After observing attacks on customers, Cisco is telling users to install the fix for a recently disclosed denial-of-service flaw affecting a number of its security appliances. The flaw, tracked as CVE-2018-0296, was detailed in an advisory on June 6 and […]

April 4, 2018

Microsoft has rolled-out security updates to fix a critical remote code execution flaw affecting Windows Defender and other anti-malware products. Ahead of April’s Patch Tuesday, Microsoft has released patches for the critical flaw, which affects Microsoft Malware Protection Engine, or […]

January 18, 2018

Just weeks after handling a security flaw that allowed people to access Mac operating systems without a password, Apple is now facing a new threat: a “text bomb.” Luckily for iPhone and Mac users, the “chaiOS” text bomb bug is […]

November 17, 2017

Development platform GitHub has launched a new service that searches project dependencies in JavaScript and Ruby for known vulnerabilities and then alerts project owners if it finds any. The new service aims to help developers update project dependencies as soon […]

September 29, 2017

A flaw in the way Apple Mac firmware is updated could leave users unprotected from targeted cyber attacks – even though they believe the correct updates have been applied. Researchers at Duo Labs analysed over 73,000 Mac systems and found […]

May 10, 2017

Over 100,000 internet-connected cameras may be falling prey to a new IoT malware that’s spreading through recently disclosed vulnerabilities in the products. The malware, called Persirai, has been found infecting Chinese-made wireless cameras since last month, security firm Trend Micro […]

March 1, 2017

More than 1 million websites running the WordPress content management system may be vulnerable to hacks that allow visitors to snatch password data and secret keys out of databases, at least under certain conditions. The vulnerability stems from a “severe” […]

November 29, 2016

Online criminals—at least some of them wielding the notorious Mirai malware that transforms Internet-of-things devices into powerful denial-of-service cannons—have begun exploiting a critical flaw that may be present in millions of home routers. Routers provided to German and Irish ISP […]

November 24, 2016

The Network Time Foundation’s Network Time Protocol Project has patched multiple denial-of-service vulnerabilities with the release of ntp-4.2.8p9. The last update to the open source protocol used to synchronize computer clocks was in June. “NTP users are strongly urged to […]

November 1, 2016

Google and Microsoft are butting heads over the disclosure of vulnerabilities. On Monday, Google revealed a critical flaw in Windows after it gave Microsoft a ten-day window to warn the public about it. Google posted about the zero-day vulnerability on […]