Displaying items by tag: Vulnerability

GUEST INTERVIEW: We live in a time of cyber war, with businesses under constant attack, with ransomware running riot, with COVID providing chaos and cover for cyber criminals to extort and blackmail, but the bad guys aren't the only ones on the playing field: Secureworks and other security firms are working hard to fight back to keep businesses and individuals protected.

Published in Guest Interviews

Apple has pushed out a second update to iOS 15 and iPadOS 15 less than two weeks after the first, which in turn arrived less than a fortnight after the debut of the latest versions of Apple's mobile operating systems. watchOS 8 has also been updated.

Published in Mobility

Claroty security researchers have disclosed three vulnerabilities in Honeywell's Experion PKS distributed content system which permit an attacker to execute malicious code, disrupt business processes, and perform denial of service attacks. Honeywell has issued patches.

Published in Security

GitHub today announced its suite of supply chain features is now available for the Go programming language. This includes the GitHub security database with over 150 Go advisories, Dependabot alerts and updates, and dependency graph which provides information to alert for vulnerable dependencies.

Published in Security

McAfee's Enterprise Advanced Threat Research (ATR) team have released a vulnerability disclosure for the Peloton Bike+ to gain remote access to the bike's tablet, camera, microphone and personal data - how did they do it? 

Published in Home Tech

Although it has just been over three weeks since the last updates for the iPhone, iPad and Apple Watch, and in the last update, Apple TV's tvOS too, another update is out to defeat this vulnerability which "may have been actively exploited."

Published in Security

The number of APT groups "exploiting the latest Exchange vulnerabilities grows, with thousands of email servers under siege" according to security company ESET.

Published in Security

A memory corruption issue that could see maliciously crafted web content being processed may lead to arbitrary code execution on all those platforms has seen an update being made available today.

Published in Security

Microsoft has released an additional patch to fix the Zerologon vulnerability that surfaced last year, having first issued a patch for the flaw in August 2020 and then updated it the following month.

Published in Security
Friday, 22 January 2021 13:24

Moving towards a passwordless future

GUEST OPINION: Reports suggest that cyber criminals have been more active than ever during the global pandemic, seeing the state of general upheaval as an opportunity to evolve and find new attack vectors.

Published in Guest Opinion

A warning has been issued by the Israel National Cyber Directorate about a critical remote code execution flaw in the Drupal content management system.

Published in Security

Researchers at security firm Eclypsium have discovered a means whereby malicious code can be inserted during the boot-up process on a device running Linux, due to a flaw in the bootloader used: the grand unified bootloader otherwise known as GRUB, now in its second version.

Published in Security

According to unconfirmed reports, there is a hidden access 'backdoor' in the Siemens SIMATIC S7-1200 PLC (programmable logic controller) which would give attackers access to any device.

Published in Security

Researchers at AdaptiveMobile Security recently detected a new vulnerability that uses the confirguration protocols used by a telco to provision a phone, making itessentially impossible for the user to block.

Published in Security

A script that mines for cryptocurrencies on Linux systems first needs to infect these systems, either by using brute force to guess SSH passwords or else by gaining entry through the use of stolen credentials that can be bought on dark web forums.

Published in Security

Open-source web platform Meteor has disclosed a recently discovered vulnerability which can break MongoDB protections.

Published in Open Source
Wednesday, 28 June 2017 13:00

Ransomware runs amok, Microsoft still silent

When a disastrous ransomware attack is devastating computers across the globe, based on a five-year-old NSA discovered vulnerability, where’s Microsoft?

Published in Fuzzy Logic

A 2014 vulnerability in OpenSSL is yet to be patched in about 200,000 Web-facing devices, according to figures from the Shodan search engine.

Published in Security

If you recently updated your iOS version to 9.3.3 and thought that was it until iOS 10, there’s an urgent update to iOS 9.3.4 for security you should get.

Published in Security

Four vulnerabilities have been discovered in premium Qualcomm LTE, 4G chipsets that can give an attacker complete control of an Android smartphone or tablet.

Published in Security

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments