A new report by Sonatype looks at the security implications of the growing demand for open source software (OSS). The study shows that the number of security breaches stemming from vulnerabilities in …
Millions of Dell PCs Vulnerable to Attack: Patch Now
A new report by SafeBreach warns that millions of Dell computers are at risk of being remotely compromised by threat actors due to a critical vulnerability in SupportAssist, a hardware-diagnostics …
Continue Reading about Millions of Dell PCs Vulnerable to Attack: Patch Now
Mozilla Patches Firefox Critical Flaw Under Active Attack
Mozilla has issued a patch for a critical security flaw affecting Windows, macOS and Linux versions of the popular Firefox browser. Threat actors have already begun exploiting the vulnerability, …
Continue Reading about Mozilla Patches Firefox Critical Flaw Under Active Attack
Insecure Home IoT Devices a Clear and Present Danger to Corporate Security
A massive analysis of 83 million devices that are part of the Internet-of-things (IoT) indicates that more and more homes contain smart devices, while also providing further evidence of the notorious …
Continue Reading about Insecure Home IoT Devices a Clear and Present Danger to Corporate Security
76% of mobile apps have flaws allowing hackers to steal passwords, money, and texts
A new report by Positive Technologies underscores the prevalence of serious security flaws in mobile applications. The most common type of vulnerability is insecure data storage, which affects 76% of …
US Govt Achieves BlueKeep Remote Code Execution, Issues Alert
The Cybersecurity and Infrastructure Security Agency (CISA) is urging users to patch the highly critical BlueKeep security flaw (CVE-2019-0708) that impacts Remote Desktop Protocol (RDP) …
Continue Reading about US Govt Achieves BlueKeep Remote Code Execution, Issues Alert
Disgruntled security firm discloses zero-days in Facebook’s WordPress plugins
A security firm holding a grudge against WordPress recently released proof-of-concept (PoC) code for two zero-days affecting two official Facebook plugins for WordPress. The impacted plugins are …
Continue Reading about Disgruntled security firm discloses zero-days in Facebook’s WordPress plugins
Millions of Email Servers at Risk from Cryptomining Worm
Cybereason warns that threat actors have started to exploit a recently patched critical vulnerability that still affects over 3.5 million Exim email servers around the globe. The researchers have …
Continue Reading about Millions of Email Servers at Risk from Cryptomining Worm
Evernote Critical Flaw Opened Personal Data of Millions to Attack
Gaurdio researchers recently uncovered a major cross site scripting (XSS) flaw in the Chrome extension for the popular note-taking app Evernote. The vulnerability made it possible for threat actors to …
Continue Reading about Evernote Critical Flaw Opened Personal Data of Millions to Attack
Hospital medical equipment contains potentially lethal vulnerability
Security researchers at CyberMDX have uncovered a highly dangerous vulnerability in the Alaris Gateway Workstation produced by BD. The vulnerable device is used in hospitals to "provide mounting, …
Continue Reading about Hospital medical equipment contains potentially lethal vulnerability