Top

Category: Vulnerabilities


Vulnerabilities

Researcher Says NSA’s Ghidra Tool Can Be Used for RCE

March 20, 2019

Via: Threat Post

Ghidra, a free, open-source software reverse-engineering tool that was released by the National Security Agency at RSA, has been found to be a potential conduit to remote code-execution. Ghidra is a disassembler written in Java; software that breaks down executable […]


Network security, Vulnerabilities

Why You Should Integrate IoT Security Into Your Vulnerability Management Program

March 19, 2019

Via: Security Intelligence

It’s safe to say that the internet of things (IoT) is mature enough that it’s on everyone’s radar by now. The IoT as we know it has been around for more than a decade, but it wasn’t until about five […]


Vulnerabilities

Cisco Patches Critical ‘Default Password’ Bug

March 15, 2019

Via: Threat Post

Cisco Systems is warning customers that a discovery tool for network devices can be accessed by a remote and unauthenticated attacker. The flaw could allow an adversary to log into the system and collect sensitive data tied to host operating […]


Cyber-crime, Malware, Threats & Malware, Virus & Malware, Vulnerabilities

Recently fixed WinRAR bug actively exploited in the wild

March 15, 2019

Via: Security Affairs

Several threat actors are actively exploiting a critical remote code execution vulnerability recently addressed in WinRAR. The exploitation of the flaw in the wild is worrisome because the WinRAR software doesn’t have an auto-update feature, leaving millions of users potentially […]


Vulnerabilities

Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes

March 12, 2019

Via: Threat Post

Microsoft won’t be patching the bug, but a proof of concept shows the potential for successful malware implantation. A previously unknown bug in Microsoft Windows would allow an attacker to spoof Windows dialog boxes that surface when making changes to […]


Vulnerabilities

Adobe Patch Tuesday updates address critical in Photoshop, Digital Editions

March 12, 2019

Via: Security Affairs

Adobe Patch Tuesday updates for March 2019 address critical flaws in Photoshop CC and Digital Editions products. The updates address a heap overflow issue affecting the Digital Editions ebook reader software, the bug could be exploited by attackers to execute […]


Hacker, Mobile security, Vulnerabilities

Flaws in Smart Alarms Exposed Millions of Cars to Dangerous Hacking

March 11, 2019

Via: Security Week

Serious vulnerabilities found in high-end car alarms could have been exploited to remotely hack millions of vehicles, including to track them, immobilize them and spy on their owners. Researchers at UK-based penetration testing and cybersecurity firm Pen Test Partners have […]


Vulnerabilities

Google discloses Windows zero-day actively exploited in targeted attacks

March 8, 2019

Via: Security Affairs

Google this week disclosed a Windows zero-day vulnerability that is being actively exploited in targeted attacks alongside a recently addressed flaw in Chrome flaw (CVE-2019-5786). The Windows zero-day vulnerability is a local privilege escalation issue in the win32k.sys kernel driver […]


Vulnerabilities

Windows Servers in danger of being compromised via WDS bug

March 7, 2019

Via: Help Net Security

Checkpoint has released more details about CVE-2018-8476, a critical remote code execution vulnerability affecting all Windows Servers since 2008 SP2. The bug was responsibly disclosed to Microsoft last year and was fixed last November, but there are likely still servers […]


Network security, Vulnerabilities

Cisco Patches Two Dozen Serious Flaws in Nexus Switches

March 7, 2019

Via: Security Week

Cisco this week patched over two dozen serious vulnerabilities affecting its Nexus switches, including flaws that can be exploited for denial-of-service (DoS) attacks, arbitrary code execution, and privilege escalation. Separate advisories have been published by the networking giant for nearly […]