Top

Tag: vulnerabilities


Vulnerabilities

Linux kernel affected by a local privilege escalation vulnerability

October 16, 2017

Via: Security Affairs

On Friday, Cisco issued a security advisory on a local privilege escalation vulnerability in the Advanced Linux Sound Architecture (ALSA). The vulnerability in the Linux Kernel, tracked as CVE-2017-15265, is due to a use-after-free memory error in the ALSA sequencer […]


Vulnerabilities

Microsoft Patches Critical Windows DNS Client Vulnerabilities

October 11, 2017

Via: Threat Post

Three critical Windows DNS client vulnerabilities were patched today by Microsoft, closing off an avenue where an attacker could relatively simply respond to DNS queries with malicious code and gain arbitrary code execution on Windows clients or Windows Server installations. […]


Vulnerabilities

Netgear Fixes 50 Vulnerabilities in Routers, Switches, NAS Devices

October 3, 2017

Via: Threat Post

Netgear recently issued 50 patches for its routers, switches, NAS devices, and wireless access points to resolve vulnerabilities ranging from remote code execution bugs to authentication bypass flaws. Twenty of the patches address “high” vulnerability issues with the remaining 30 […]


Vulnerabilities

Apple Patches Vulnerabilities in macOS, macOS Server

September 26, 2017

Via: Security Week

Apple on Monday announced the release of security patches for its macOS users, available as part of the macOS High Sierra 10.13 platform upgrade. The tech company addressed over 40 security flaws impacting OS X Lion 10.8 and later. Affected […]


Vulnerabilities

Google Patches High Risk Flaws in Chrome

September 25, 2017

Via: Security Week

Google this week released an updated version of Chrome 61 to address two High severity vulnerabilities. Available for download as version 61.0.3163.100, the new Chrome iteration was pushed to all Windows, Mac, and Linux users, and should reach all in […]


Email security, Vulnerabilities

Internal Communications of Many Firms Exposed by Helpdesk Flaws

September 22, 2017

Via: Security Week

The way some companies have set up support systems can expose their internal communications to malicious actors, warned a researcher who used a newly discovered security hole to hack dozens of organizations. Belgium-based bug bounty hunter Inti De Ceukelaire initially […]


Threats & Malware, Vulnerabilities

China to Create Data Repository to Log Cyber Attacks

September 13, 2017

Via: Dark Reading

Telcos, government agencies, Internet companies, and domain-name organizations to file cybersecurity information. China’s Ministry of Industry and Information Technology (MIIT) on Wednesday unveiled a directive that calls on organizations and government agencies to report cyber-attack information into a nationwide data […]


Application security, Vulnerabilities

5.3 billion devices at risk for invisible, infectious Bluetooth attack

September 12, 2017

Via: CSO Online

What spreads through the air, is invisible to users, and requires no user interaction— no clicking, no pairing, no downloading, not even turning on discoverable mode— but could bring the hurt to billions of devices? It’s an attack vector dubbed […]


Data loss, Security

7 Takeaways From The Equifax Data Breach

September 11, 2017

Via: Dark Reading

The exposure of PII belonging to 143 million US consumers raises questions about the continued use of SSNs as identifiers, breach liability and app sec spending. Application Vulnerabilities Remain The Achilles Heel Application-level vulnerabilities have caused far more data breaches […]


Security, Threats & Malware

Cyber resiliency – a key to corporate survival (and sleep)

September 11, 2017

Via: CSO Online

For those of us in the healthcare industry, and I suspect many others, the  WannaCry ransomware attack is now referred to as the weekend without sleep. In my organization, a cross-section of folks from all areas spent most of their […]