Tag: vulnerabilities

August 14, 2019

Microsoft is warning of a four new Windows vulnerabilities that are “wormable,” meaning they can be exploited to spread malware from one vulnerable computer to another without any user action in much the way the self-replicating WannaCry and NotPetya outbreaks […]

August 7, 2019

Microsoft last month pushed a silent update that mitigated a serious vulnerability in all CPUs Intel has introduced since 2012, researchers who discovered the flaw said Tuesday. The vulnerability—discovered and privately reported to Intel 12 months ago—resided in every CPU […]

August 5, 2019

Google has announced a partnership with chipmaker Arm to design an Android-ready MTE extension for reducing the number of memory-related vulnerabilities in the mobile platform. Last week, Kostya Serebryany from Google Core Systems and Sudhi Herle, a member of the […]

July 30, 2019

About 200 million Internet-connected devices—some that may be controlling elevators, medical equipment, and other mission-critical systems—are vulnerable to attacks that give attackers complete control, researchers warned on Monday. In all, researchers with security firm Armis identified 11 vulnerabilities in various […]

July 11, 2019

Whitehats used a novel denial-of-service hack to score a key victory against ransomware criminals. Unfortunately, the blackhats have struck back by updating their infrastructure, leaving the fight with no clear winner. Researchers at security firm Intezer performed the DoS technique […]

July 3, 2019

Router and webcam maker D-Link has agreed to implement a new security program to settle charges it failed to safeguard its hardware against well-known and preventable hacks and misrepresented its existing security regimen. Tuesday’s agreement settles a 2017 complaint by […]

June 19, 2019

Every headline-grabbing cyberattack unveils new sophisticated hacking techniques, but the attacker’s portrait remains the same: a modern-day professional with a strong sense of curiosity, patience, and social skills that thoroughly examines a company’s systems, takes note of every vulnerability, then […]

June 10, 2019

Two security researchers have recently revealed vulnerabilities that can be exploited remotely to retrieve sensitive data stored inside special computer components known as HSMs (Hardware Security Modules). HSMs are hardware-isolated devices that use advanced cryptography to store, manipulate, and work […]

June 4, 2019

Forget the stealthy hacker deploying a never-before-seen zero day to bring down your network. IT security professionals admit that one in three breaches are the result of vulnerabilities that they should have already patched. Software vendors are constantly publishing new […]

May 23, 2019

A serial publisher of Microsoft zeroday vulnerabilities has dropped exploit code for three more unpatched flaws, marking the seventh time the unknown person has done so in the past year. Technical details of the vulnerabilities, along with working proof-of-concept exploits, […]

May 15, 2019

Microsoft is warning that the Internet could see another exploit with the magnitude of the WannaCry attack that shut down computers all over the world two years ago unless people patch a high-severity vulnerability. The software maker took the unusual […]

May 14, 2019

Attackers have been exploiting a vulnerability in WhatsApp that allowed them to infect phones with advanced spyware made by Israeli developer NSO Group, the Financial Times reported on Monday, citing the company and a spyware technology dealer. A representative of […]

May 7, 2019

One of the most significant events in computer security happened in April 2017, when a still-unidentified group calling itself the Shadow Brokers published a trove of the National Security Agency’s most coveted hacking tools. The leak and the subsequent repurposing […]

May 1, 2019

Vodafone, the largest mobile network operator in Europe, found backdoors in Huawei equipment between 2009 and 2011, reports Bloomberg. With these backdoors, Huawei could have gained unauthorized access to Vodafone’s “fixed-line network in Italy.” But Vodafone disagrees, saying that while […]

April 23, 2019

California Senator Kamala Harris warned that cyber attacks are becoming a “new form of war” Monday night during CNN’s town hall, ominously stating that it will be “a war without blood”—one for which the United States is not prepared. “We […]

April 15, 2019

Microsoft’s Internet Explorer browser has been the subject of unrelenting criticism and ridicule over the years—and not without reason. However, despite it being plagued with numerous security issues, some people are still using it, or at least have it installed […]

April 4, 2019

The Apache HTTP Server, the Internet’s most widely used Web server, just fixed a serious vulnerability that makes it possible for untrusted users or software to gain unfettered control of the machine the software runs on. CVE-2019-0211, as the vulnerability […]

March 29, 2019

Attack code was published on Friday that exploits a critical vulnerability in Magento e-commerce platform, all bug guaranteeing it will be used to plant payment card skimmers on sites that have yet to install a recently released patch. PRODSECBUG-2198 is […]

March 15, 2019

Malicious hackers wasted no time exploiting a nasty code-execution vulnerability recently disclosed in WinRAR, a Windows file-compression program with 500 million users worldwide. The in-the-wild attacks install malware that, at the time this post was going live, was undetected by […]

February 20, 2019

WinRAR, a Windows file compression program with 500 million users worldwide, recently fixed a 14-year-old vulnerability that made it possible for attackers to execute malicious code when targets opened a booby-trapped file. The vulnerability was the result of an absolute […]