Top

Category: Vulnerabilities


Threats & Malware, Vulnerabilities

Defending the Castle: How World History Can Teach Cybersecurity a Lesson

May 13, 2021

Via: Dark Reading

Attackers strike where defenders least expect it — in cybersecurity, certainly, but in the world of physical warfare as well. As a former military officer, I think it’s particularly instructive to look at military battles from the cybersecurity defender’s perspective. […]


Threats & Malware, Vulnerabilities

Maybe don’t call Saul? Over 30,000 VoIP devices identifiable worldwide, some with suspected vulnerabilities

May 12, 2021

Via: Security Affairs

As with many inventions of the 20th century, the internet has drastically changed using the phone. Once a vital necessity in every building, PBX boxes are driven towards extinction by devices supporting Voice over Internet Protocol (VoIP). As the name […]


Threats & Malware, Vulnerabilities

Siemens Addresses 60 Vulnerabilities Introduced by Third-Party Components

May 11, 2021

Via: Security Week

The German industrial giant has released more than a dozen advisories to inform customers about tens of vulnerabilities affecting RUGGEDCOM, SCALANCE, SIMATIC, SINEMA, SINAMICS and other products. The company has advised organizations using its products to either install updates or […]


Threats & Malware, Vulnerabilities

Millions of Dell Devices Vulnerable to Update Driver Flaw

May 5, 2021

Via: DataBreach Today

Dell has patched five flaws in a vulnerable firmware update driver that has shipped in millions of laptops, tablets and desktops since 2009. The vulnerabilities have been assigned a single CVE, CVE-2021-21551, and they have a CVSS score of 8.8. […]


Threats & Malware, Vulnerabilities

Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks

April 30, 2021

Via: The Hacker News

An “aggressive” financially motivated threat group tapped into a zero-day flaw in SonicWall VPN appliances prior to it being patched by the company to deploy a new strain of ransomware called FIVEHANDS. The group, tracked by cybersecurity firm Mandiant as […]


Threats & Malware, Vulnerabilities

IoT riddled with BadAlloc vulnerabilities

April 30, 2021

Via: Malwarebytes

The Cybersecurity and Infrastructure Security Agency (CISA) has published advisory ICSA-21-119-04 about vulnerabilities found in multiple real-time operating systems (RTOS) and supporting libraries. Those operating systems and libraries are widely used in smart, Internet-connected “things”. The number of affected devices […]


Threats & Malware, Vulnerabilities

Google Patches Yet Another Serious V8 Vulnerability in Chrome

April 28, 2021

Via: Security Week

The flaw, tracked as CVE-2021-21227 and rated high severity, was reported to Google by researcher Gengming Liu from Chinese cybersecurity firm Singular Security Lab. The researcher earned $15,000 for reporting the vulnerability, which Google described as “insufficient data validation in […]


Threats & Malware, Vulnerabilities

Covid-19 security challenges leave bank customers at risk

April 28, 2021

Via: Computer Weekly

Despite more than 70% of banks and insurers having experienced a 32% rise in cyber crime during the Covid-19 pandemic, financial institutions (FIs) have slashed their IT security, cyber crime, fraud and risk department budgets by 27% in the past […]


Threats & Malware, Virus & Malware, Vulnerabilities

Apple Patches macOS Security Bypass Vulnerability Exploited by ‘Shlayer’ Malware

April 27, 2021

Via: Security Week

The tech giant on Monday informed customers that it has patched tens of vulnerabilities in macOS Catalina, Mojave and Big Sur. The Big Sur update fixes nearly 60 security holes, including a logic issue tracked as CVE-2021-30657 that, Apple says, […]


Threats & Malware, Vulnerabilities

Oracle Delivers 390 Security Fixes With April 2021 CPU

April 21, 2021

Via: Security Week

The quarterly set of security patches addresses a total of 41 vulnerabilities considered critical severity, including 5 that feature a CVSS score of 10. The most severe of these vulnerabilities could be exploited to execute code remotely within the context […]