Category: Vulnerabilities

February 19, 2020

New data from security and content delivery company Akamai shows that one in every five attempts to gain unauthorized access to user accounts is now done through application programming interfaces (APIs) instead of user-facing login pages. This trend is even […]

February 14, 2020

The application was used during the 2018 midterm elections in West Virginia, and was also deployed in elections in Denver, Oregon, and Utah. It was also used at the 2016 Massachusetts Democratic Convention and the 2016 Utah Republican Convention. Developed […]

February 7, 2020

A total of 25 vulnerabilities were fixed with Android’s February 2020 security updates, and the most important of them are two critical severity issues is System. One of these is CVE-2020-0022, a bug impacting the Bluetooth component, and which can […]

February 6, 2020

Which ten software vulnerabilities should you patch as soon as possible (if you haven’t already)? Recorded Future researchers have analyzed code repositories, underground forum postings, dark web sites, closed source reports and data sets comprising of submissions to popular malware […]

February 6, 2020

Security experts from Check Point discovered a high-severity flaw (CVE-2020-6007) in Philips Hue Smart Light Bulbs that can be exploited by hackers to gain entry into a targeted WiFi network. Lightbulbs could be remotely controlled through a mobile app or […]

February 5, 2020

According to a report published by Microsoft, the company detects an average of 77,000 active web shells, spreading across 46,000 infected servers, on a daily base. A web shell is a code, often written in typical web development programming languages […]

January 31, 2020

Organizations are not making progress in reducing their endpoint security risk, especially against new and unknown threats, a Ponemon Institute study reveals. 68% IT security professionals say their company experienced one or more endpoint attacks that compromised data assets or […]

January 30, 2020

DMA is designed to allow hardware components or peripheral devices to directly access system memory, independently of the operating system and the CPU. The feature, however, can be abused for malicious purposes by an attacker who has gained access to […]

January 30, 2020

A high severity cross-site request forgery (CSRF) bug, tracked as CVE-2020-8417, in Code Snippets plugin could be exploited by attackers to take over WordPress sites running vulnerable versions of the Code Snippets plugin. The plugin allows users to execute code […]

January 29, 2020

A total of 23 vulnerabilities were addressed in iOS 13.3.1 and iPadOS 13.3.1, now rolling out for iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation. The flaws impact components […]