Top

Category: Vulnerabilities


Mobile, Vulnerabilities, Wireless security

Cisco Patches Critical Flaw In ASR 9000 Routers

April 18, 2019

Via: Threat Post

Cisco has rushed out patches for a critical vulnerability in its ASR 9000 routers that could give remote, unauthenticated attackers access to the devices – as well as the power to launch denial-of-service (DoS) attacks against them. The flaw is […]


Vulnerabilities

Network DoS Attack on PLCs Can Disrupt Physical Processes

April 18, 2019

Via: Security Week

A team of researchers has demonstrated an interesting type of denial-of-service (DoS) attack on programmable logic controllers (PLCs), where network flooding can lead to the disruption of the physical process controlled by the device. A paper titled “You Snooze, You […]


Vulnerabilities

Windows Zero-Day Emerges in Active Exploits

April 17, 2019

Via: Threat Post

A just-patched vulnerability in the Windows operating system that was previously unknown up until last week is being actively exploited in the wild; it opens the door for full system takeover. Discovered by Vasily Berdnikov and Boris Larin of Kaspersky […]


Vulnerabilities

Oracle Squashes 53 Critical Bugs in April Security Update

April 17, 2019

Via: Threat Post

Oracle is urging customers to patch critical vulnerabilities in its products as part of its massive April update, which fixes a whopping 297 flaws. Of those flaws, 53 vulnerabilities in Oracle products had a CVSS score of 9.0 or higher, […]


Threats & Malware, Vulnerabilities

It doesn’t matter if you don’t use Internet Explorer, you could still be at risk from this IE zero-day vulnerability

April 17, 2019

Via: Hot for Security

You might think that any security issues with Internet Explorer shouldn’t be much of a problem anymore. After all, most computer users have moved on to more modern alternative browsers like Chrome, Brave, Firefox, Safari, or Microsoft Edge. And even […]


Vulnerabilities

WordPress Yellow Pencil Plugin Flaws Actively Exploited

April 12, 2019

Via: Threat Post

The maker of a WordPress plugin, Yellow Pencil Visual Theme Customizer, is asking all users to immediately update after it was discovered to have software vulnerabilities that are being actively exploited. The attacker exploiting these flaws has been behind several […]


Vulnerabilities

Microsoft Patch Tuesday Fixes Windows Bugs Under Attack

April 10, 2019

Via: Dark Reading

Microsoft today issued its April batch of security fixes, which patches 74 vulnerabilities including two Windows zero-days under active attack. CVE-2019-0803 and CVE-2019-0859 both patch Windows elevation of privilege bugs found exploited in the wild. Microsoft describes both patches in […]


Vulnerabilities

Reservation Systems Used by Many Hotels Expose User Data

April 10, 2019

Via: Security Week

An analysis of the reservation systems used by more than 1,500 hotels around the world revealed that over two-thirds expose user information and allow someone to cancel bookings. Candid Wueest, principal threat researcher at Symantec, has analyzed the websites used […]


Application security, Mobile security, Vulnerabilities

Preinstalled Mobile Security App on Xiaomi Handsets Delivered Vulnerabilities, Not Protection

April 5, 2019

Via: Threat Post

Preinstalled apps on mobile phones can be just as annoying as crapware found on new PCs. Now a report from security experts at Check Point Research suggest those preinstalled mobile apps may be more than just annoying – they can […]


Vulnerabilities

Backdoors inevitably create vulnerabilities that can be exploited by malicious actors

April 4, 2019

Via: Help Net Security

73 percent of IT security professionals believe countries with government-mandated encryption backdoors are more susceptible to nation-state attacks. The Venafi survey on government-mandated encryption backdoors evaluated the opinions of 517 IT security professionals attending the RSA Conference 2019. “This is […]