Displaying items by tag: Vulnerability

GitHub today announced its suite of supply chain features is now available for the Go programming language. This includes the GitHub security database with over 150 Go advisories, Dependabot alerts and updates, and dependency graph which provides information to alert for vulnerable dependencies.

Published in Security

McAfee's Enterprise Advanced Threat Research (ATR) team have released a vulnerability disclosure for the Peloton Bike+ to gain remote access to the bike's tablet, camera, microphone and personal data - how did they do it? 

Published in Home Tech

Although it has just been over three weeks since the last updates for the iPhone, iPad and Apple Watch, and in the last update, Apple TV's tvOS too, another update is out to defeat this vulnerability which "may have been actively exploited."

Published in Security

The number of APT groups "exploiting the latest Exchange vulnerabilities grows, with thousands of email servers under siege" according to security company ESET.

Published in Security

A memory corruption issue that could see maliciously crafted web content being processed may lead to arbitrary code execution on all those platforms has seen an update being made available today.

Published in Security

Microsoft has released an additional patch to fix the Zerologon vulnerability that surfaced last year, having first issued a patch for the flaw in August 2020 and then updated it the following month.

Published in Security
Friday, 22 January 2021 13:24

Moving towards a passwordless future

GUEST OPINION: Reports suggest that cyber criminals have been more active than ever during the global pandemic, seeing the state of general upheaval as an opportunity to evolve and find new attack vectors.

Published in Guest Opinion

A warning has been issued by the Israel National Cyber Directorate about a critical remote code execution flaw in the Drupal content management system.

Published in Security

Researchers at security firm Eclypsium have discovered a means whereby malicious code can be inserted during the boot-up process on a device running Linux, due to a flaw in the bootloader used: the grand unified bootloader otherwise known as GRUB, now in its second version.

Published in Security

According to unconfirmed reports, there is a hidden access 'backdoor' in the Siemens SIMATIC S7-1200 PLC (programmable logic controller) which would give attackers access to any device.

Published in Security

Researchers at AdaptiveMobile Security recently detected a new vulnerability that uses the confirguration protocols used by a telco to provision a phone, making itessentially impossible for the user to block.

Published in Security

A script that mines for cryptocurrencies on Linux systems first needs to infect these systems, either by using brute force to guess SSH passwords or else by gaining entry through the use of stolen credentials that can be bought on dark web forums.

Published in Security

Open-source web platform Meteor has disclosed a recently discovered vulnerability which can break MongoDB protections.

Published in Open Source
Wednesday, 28 June 2017 13:00

Ransomware runs amok, Microsoft still silent

When a disastrous ransomware attack is devastating computers across the globe, based on a five-year-old NSA discovered vulnerability, where’s Microsoft?

Published in Fuzzy Logic

A 2014 vulnerability in OpenSSL is yet to be patched in about 200,000 Web-facing devices, according to figures from the Shodan search engine.

Published in Security

If you recently updated your iOS version to 9.3.3 and thought that was it until iOS 10, there’s an urgent update to iOS 9.3.4 for security you should get.

Published in Security

Four vulnerabilities have been discovered in premium Qualcomm LTE, 4G chipsets that can give an attacker complete control of an Android smartphone or tablet.

Published in Security
Monday, 30 May 2016 22:41

A SCADA system that cannot be patched

ICS-CERT has advised of a vulnerable SCADA system currently in use that cannot be patched.

Published in Security

What do you do when the US Department of Homeland Security warns Windows users to remove QuickTime – you do it.

Published in Security

A Kaspersky Lab tech expert has found ways to hack into medical devices in an attempt to explore security weaknesses and how to address them - the findings will make you ill!

Published in Security

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments