Tag: vulnerabilities

Network security, Security, Threats & Malware, Vulnerabilities

U.S. House Passes IoT Cybersecurity Bill

September 16, 2020

Via: Security Week

First introduced in 2017 and reintroduced in 2019, the IoT Cybersecurity Improvement Act will now have to pass the Senate before it can be signed into law by the president. The bipartisan legislation is backed by Reps. Will Hurd (R-Texas) […]

Threats & Malware, Vulnerabilities

Attacks Targeting Recent WordPress File Manager Flaw Ramping Up

September 11, 2020

Via: Security Week

With over 700,000 active installs, File Manager is a highly popular WordPress plugin that provides admins with file and folder management capabilities (copy/paste, delete, download/upload, edit, and archive). In early September 2020, the plugin’s developer addressed a critical-severity zero-day flaw […]

Mobile, Mobile security

Android’s September 2020 Patches Fix Critical System Vulnerabilities

September 9, 2020

Via: Security Week

More than 50 flaws are described in the Android Security Bulletin for September 2020: twenty-two as part of the 2020-09-01 security patch level and twenty-nine with the 2020-09-05 security patch level. Of the 22 issues fixed with the 2020-09-01 security […]

Cyber-crime, Malware, Phishing

4 top vulnerabilities ransomware attackers exploited in 2020

September 9, 2020

Via: CSO Online

The biggest security trend for 2020 has been the increase of COVID-19-related phishing and other attacks targeting remote workers. New York City, for example, has gone from having to protect 80,000 endpoints to around 750,000 endpoints in its threat management […]

Threats & Malware, Vulnerabilities

Critical Vulnerabilities Expose MoFi Routers to Remote Attacks

September 8, 2020

Via: Security Week

The vulnerabilities were reported to the vendor in May by Rich Mirch, a security researcher at CRITICALSTART. However, some of them remain unpatched. The researcher discovered a total of 10 vulnerabilities affecting MOFI4500 routers, a majority related to the web […]

Threats & Malware, Vulnerabilities

Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers

September 1, 2020

Via: Help Net Security

A technical support intervention has revealed two zero-day vulnerabilities in the OS running on Cisco enterprise-grade routers that attackers are trying to actively exploit. Cisco plans to release software updates to plug these security holes, but in the meantime administrators […]


VPN Best Practices for Supporting Your Teleworkers

August 29, 2020

Via: Natalie Dunn

The COVID-19 pandemic shook the business world to the core since restrictions and mandatory public health measures forced employees to work from home. As lockdowns ended, more and more businesses started to rethink in-office perks and extend their work-from-home arrangements. […]

Threats & Malware, Vulnerabilities

Microsoft fixes code execution, privilege escalation in Microsoft Azure Sphere

August 27, 2020

Via: Security Affairs

Microsoft has recently addressed some vulnerabilities impacting Microsoft Azure Sphere that could be exploited by attackers to execute arbitrary code or to elevate privileges. Azure Sphere OS adds layers of protection and ongoing security updates to create a trustworthy platform […]

Threats & Malware, Vulnerabilities

Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws

August 21, 2020

Via: Security Affairs

Microsoft released this week an out-of-band security update for Windows 8.1 and Windows Server 2012 R2 systems that address two privilege escalation vulnerabilities in Windows Remote Access. Both vulnerabilities were addressed by Microsoft in August, the August 2020 Patch Tuesday […]

Threats & Malware, Vulnerabilities

Amazon Alexa ‘One-Click’ Attack Can Divulge Personal Data

August 13, 2020

Via: Threat Post

Vulnerabilities in Amazon’s Alexa virtual assistant platform could allow attackers to access users’ banking data history or home addresses – simply by persuading them to click on a malicious link. Researchers with Check Point found several web application flaws on […]