Top

Tag: vulnerabilities


Mobile, Mobile security

Serious Apple iOS Exploit Enabled Nearby Device Takeover

December 2, 2020

Via: DataBreach Today

Until May, all Apple iOS devices were vulnerable to a “zero-click exploit” that would have allowed hackers to remotely gain complete control. Using the exploit, attackers would have been able to “view all the photos, read all the email, copy […]


Threats & Malware, Vulnerabilities

Large-scale campaign targets vulnerable Epsilon Framework WordPress themes

November 18, 2020

Via: Security Affairs

Experts at the Wordfence Threat Intelligence team uncovered a large-scale wave of attacks targeting reported Function Injection vulnerabilities in themes using the Epsilon Framework. Below a list of themes and related versions that are vulnerable to the above attacks: Shapely […]


Threats & Malware, Vulnerabilities

246869 Windows systems are still vulnerable to the BlueKeep flaw

November 17, 2020

Via: Security Affairs

Over a year ago Microsoft Patch Tuesday updates for May 2019 addressed nearly 80 vulnerabilities, including the BlueKeep flaw. The issue is a remote code execution flaw in Remote Desktop Services (RDS) that can be exploited by an unauthenticated attacker […]


Threats & Malware, Vulnerabilities

Google addresses two new Chrome zero-day flaws

November 12, 2020

Via: Security Affairs

Google has addressed two zero-day vulnerabilities, actively exploited in the wild, with the release of Chrome version 86.0.4240.198. The IT giant has fixed a total of five Chrome zero-day vulnerabilities in only three weeks. Both zero-day flaws, tracked as CVE-2020-16013 […]


Threats & Malware, Vulnerabilities

Vulnerabilities Exploited at Chinese Hacking Contest Patched in Firefox, Chrome

November 11, 2020

Via: Security Week

The Firefox vulnerability, tracked as CVE-2020-26950, has been described as an issue related to write side effects in MCallGetProperty opcode not being accounted for. “In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable […]


Threats & Malware, Vulnerabilities

Adobe Warns Windows, MacOS Users of Critical Acrobat and Reader Flaws

November 3, 2020

Via: Threat Post

Adobe has fixed critical-severity flaws tied to four CVEs in the Windows and macOS versions of its Acrobat and Reader family of application software services. The vulnerabilities could be exploited to execute arbitrary code on affected products. These critical flaws […]


Threats & Malware, Vulnerabilities

Google fixes the second zero-day in Chrome in 2 weeks actively exploited

November 3, 2020

Via: Security Affairs

Google has released Chrome 86.0.4240.183 for Windows, Mac, and Linux that address ten security vulnerabilities including a remote code execution (RCE) zero-day (CVE-2020-16009) exploited by threat actors in the wild. The RCE is an inappropriate implementation in V8, which is […]


Mobile, Mobile security, Threats & Malware, Vulnerabilities

Election Security: How Mobile Devices Are Shaping the Way We Work, Play and Vote

October 28, 2020

Via: Threat Post

The line between our personal and professional lives is blurring in an unprecedented fashion as we approach the 2020 presidential election. From Oracle and Walmart’s plans to invest in TikTok to a bug in Joe Biden’s campaign app that exposed […]


Network security, Security

Back to Basics: Pandemic Cybersecurity Trends and Solutions

October 28, 2020

Via: Security Week

Thanks to the quick transition to remote work due to the current global pandemic – coupled with cybercriminals’ penchant for taking advantage of fear, uncertainty, and doubt – security researchers have seen a surge in cybersecurity issues. Cybercriminals have been […]


Threats & Malware, Vulnerabilities

Microsoft Patches New Windows ‘Ping of Death’ Vulnerability

October 14, 2020

Via: Security Week

Tracked as CVE-2020-16898, the issue is triggered when the TCP/IP stack doesn’t handle ICMPv6 Router Advertisement packets properly. An attacker could send specially crafted ICMPv6 Router Advertisement packets to a remote Windows machine to exploit the flaw and execute arbitrary […]