Top

Category: Vulnerabilities


Vulnerabilities

Six Vulnerabilities Found in Dell EMC’s Disaster Recovery System, One Critical

May 23, 2018

Via: Threat Post

A pen-tester has found six vulnerabilities in Dell EMC RecoverPoint devices, including a critical remote code execution flaw that could allow total system compromise. EMC RecoverPoint is a disaster recovery tool that can be used to back up local and […]


Vulnerabilities, Wireless security

Comcast Patches Router Bug That Leaked Some Wi-Fi Passwords

May 23, 2018

Via: Threat Post

Comcast patched a bug Monday that under certain conditions leaked customer SSID names and passwords of Xfinity routers. The flaw was accessible via the Comcast website used by customers to activate and manage their Xfinity router. The bug did not […]


Vulnerabilities

Intel Responds to Spectre-Like Flaw In CPUs

May 22, 2018

Via: Threat Post

Intel acknowledged that its processors are vulnerable to another dangerous speculative execution side channel flaw that could give attackers unauthorized read access to memory. The new vulnerability, disclosed by Google Project Zero and Microsoft’s Security Response Center, is called Variant […]


Malware, Vulnerabilities

Malicious PDF Leads to Discovery of Adobe Reader, Windows Zero-Days

May 16, 2018

Via: Security Week

Researchers at ESET recently came across a malicious PDF file set up to exploit two zero-day vulnerabilities affecting Adobe Reader and Microsoft Windows. The malicious document leverages a privilege escalation flaw in Windows (CVE-2018-8120) and a remote code execution vulnerability […]


Mobile security, Vulnerabilities

Samsung Patches Six Critical Bugs in Flagship Handsets

May 15, 2018

Via: Threat Post

Samsung began rolling out patches over the weekend to fix six critical bugs found in its flagship Android handsets as part of its May patch bulletin. Flaws range from a remote code execution bug to a buffer overflow vulnerability, plus […]


Phishing, Vulnerabilities

GDPR Phishing Scam Targets Apple Accounts, Financial Data

May 15, 2018

Via: Threat Post

A phishing campaign targeting Apple users is attempting to trick victims into updating their profiles under the guise it’s a part of proactive security hardening prepping for the introduction of General Data Protection Regulation (GDPR) policies set to go into […]


Malware, Vulnerabilities

Gandcrab Ransomware Exploits Website Vulnerabilities

May 14, 2018

Via: Dark Reading

Researchers find campaigns distributing Gandcrab by hosting malware on legitimate websites with poor security measures. Cryptominers may have stolen the spotlight as cybercrime’s hottest new trend, but it doesn’t mean we can stop paying attention to ransomware. Researchers at Cisco […]


Network security, Vulnerabilities

17 Zero-Days Found & Fixed in OPC-UA Industrial Protocol Implementations

May 11, 2018

Via: Dark Reading

Vulnerabilities in the framework used for secure data transfer in industrial systems were all fixed by March, says Kaspersky Lab. Researchers discovered 17 zero-day vulnerabilities in a popular framework for secure data transfer between clients and servers in industrial systems […]


Mobile security, Vulnerabilities

Severe Keyboard Flaws in LG Smartphones Allow Remote Code Execution

May 10, 2018

Via: Threat Post

LG has patched two severe vulnerabilities that reside in the default keyboard on all mainstream LG smartphones, including its flagship handsets; the flaws could be used to remotely execute code with elevated privileges. LG’s update also includes a fix for […]


Network security, Vulnerabilities

House panel approves bill to ‘hack’ the State Department

May 10, 2018

Via: The Hill

The House Foreign Affairs Committee on Wednesday approved a bipartisan bill that would incentivize ethical hackers to hunt for vulnerabilities in the State Department’s digital systems. The legislation would direct the department to set up a pilot “bug bounty” program […]