Category: Vulnerabilities

Mobile, Mobile security, Threats & Malware, Vulnerabilities

Official Government COVID-19 Mobile Apps Hide a Raft of Threats

April 7, 2020

Via: Threat Post

A rash of COVID-19 Android mobile apps have emerged that are aimed at helping citizens in Iran, Italy and Colombia track symptoms and virus infections. However, they’re also putting people’s privacy and the security of their data at risk, researchers […]

Threats & Malware, Vulnerabilities

Security Think Tank: Why and how cyber criminals exploit world events

April 6, 2020

Via: Computer Weekly

Cyber criminals, APT actors and others who pose a threat to businesses and individuals are impacted and influenced by world events just like the rest of us. However, they will also use these events, as well as cultural events, to […]

Threats & Malware, Vulnerabilities

100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hack

April 3, 2020

Via: Security Affairs

Administrators of WordPress sites using the Contact Form 7 Datepicker plugin are recommended to remove or deactivate it to prevent attackers from exploiting a stored cross-site scripting (XSS) vulnerability to create rogue admins or taking over admin sessions. The ‘Contact […]

Threats & Malware, Vulnerabilities

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

April 2, 2020

Via: Security Affairs

Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. Recently Microsoft has published details about human-operated ransomware attacks that targeted organizations in various industries. Human-operated ransomware is a […]

Network security, Security, Threats & Malware, Vulnerabilities

Will 5G Networks Inherit Vulnerabilities in 4G Networks?

March 30, 2020

Via: DataBreach Today

If vulnerabilities in 4G cellular networks that can expose them to denial-of-service and other attacks are not addressed, emerging 5G networks could inherit these same issues, the security firm Positive Technologies reports. The firm’s new research report, which looked at […]

Threats & Malware, Vulnerabilities

Apple’s iOS 13.4 hit by VPN bypass vulnerability

March 30, 2020

Via: Naked Security

It’s less than a week since Apple’s iOS 13.4 appeared and already researchers have discovered a bug that puts at risk the privacy of Virtual Private Network (VPN) connections. Publicised by ProtonVPN, the issue is a bypass flaw caused by […]

Mobile, Privacy protection, Threats & Malware, Vulnerabilities

Websites of U.S. Presidential Candidates Pose Security, Privacy Risks

March 27, 2020

Via: Security Week

The security firm has monitored 11 websites during September and December 2019, and discovered that 81% of them execute code from third-party entities unmanaged by the candidate teams. Moreover, 6% of the domains executing on candidate websites were linked to […]

Access control, Security, Threats & Malware, Vulnerabilities

Password vulnerability at Fortune 1000 companies

March 25, 2020

Via: Help Net Security

Despite often repeated advice of using unique passwords for online accounts – or at least the most critical ones – password reuse continues to be rampant. And, according to breach discovery firm SpyCloud, employees of the Fortune 1000 are just […]

Threats & Malware, Vulnerabilities

Vulnerability Management Isn’t Just a Numbers Game

March 24, 2020

Via: Dark Reading

Organizations will be quickly overwhelmed if they try to treat all vulnerabilities equally. Given the sheer volume of vulnerabilities, limited resources, and varying objectives across the teams involved, effective cybersecurity requires the ability to view vulnerabilities in the proper context […]

Threats & Malware, Vulnerabilities

Attack Surface, Vulnerabilities Increase as Orgs Respond to COVID-19 Crisis

March 20, 2020

Via: Dark Reading

The speed at which organizations are being forced to respond to the unfolding COVID-19 health crisis could be leaving many of them vulnerable to attack by threat actors rushing to exploit the situation. Over the past few weeks security vendors […]