Category: Vulnerabilities

April 7, 2020

A rash of COVID-19 Android mobile apps have emerged that are aimed at helping citizens in Iran, Italy and Colombia track symptoms and virus infections. However, they’re also putting people’s privacy and the security of their data at risk, researchers […]

April 6, 2020

Cyber criminals, APT actors and others who pose a threat to businesses and individuals are impacted and influenced by world events just like the rest of us. However, they will also use these events, as well as cultural events, to […]

April 3, 2020

Administrators of WordPress sites using the Contact Form 7 Datepicker plugin are recommended to remove or deactivate it to prevent attackers from exploiting a stored cross-site scripting (XSS) vulnerability to create rogue admins or taking over admin sessions. The ‘Contact […]

April 2, 2020

Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. Recently Microsoft has published details about human-operated ransomware attacks that targeted organizations in various industries. Human-operated ransomware is a […]

March 30, 2020

If vulnerabilities in 4G cellular networks that can expose them to denial-of-service and other attacks are not addressed, emerging 5G networks could inherit these same issues, the security firm Positive Technologies reports. The firm’s new research report, which looked at […]

March 30, 2020

It’s less than a week since Apple’s iOS 13.4 appeared and already researchers have discovered a bug that puts at risk the privacy of Virtual Private Network (VPN) connections. Publicised by ProtonVPN, the issue is a bypass flaw caused by […]

March 27, 2020

The security firm has monitored 11 websites during September and December 2019, and discovered that 81% of them execute code from third-party entities unmanaged by the candidate teams. Moreover, 6% of the domains executing on candidate websites were linked to […]

March 25, 2020

Despite often repeated advice of using unique passwords for online accounts – or at least the most critical ones – password reuse continues to be rampant. And, according to breach discovery firm SpyCloud, employees of the Fortune 1000 are just […]

March 24, 2020

Organizations will be quickly overwhelmed if they try to treat all vulnerabilities equally. Given the sheer volume of vulnerabilities, limited resources, and varying objectives across the teams involved, effective cybersecurity requires the ability to view vulnerabilities in the proper context […]

March 20, 2020

The speed at which organizations are being forced to respond to the unfolding COVID-19 health crisis could be leaving many of them vulnerable to attack by threat actors rushing to exploit the situation. Over the past few weeks security vendors […]