Top

Tag: vulnerabilities


Threats & Malware, Vulnerabilities

Digital Signature Spoofing Flaws Uncovered in OpenOffice and LibreOffice

October 12, 2021

Via: The Hacker News

The maintainers of LibreOffice and OpenOffice have shipped security updates to their productivity software to remediate multiple vulnerabilities that could be weaponized by malicious actors to alter documents to make them appear as if they are digitally signed by a […]


Mobile, Wireless security

Medtronic Recalls Medical Devices Due to Security Risks That Can Lead to Injury, Death

October 7, 2021

Via: Security Week

The recall is related to a series of vulnerabilities discovered by a team of cybersecurity researchers in 2018. In June 2019, the U.S. Food and Drug Administration (FDA) and Medtronic informed the public of a recall of MiniMed 508 and […]


Mobile, Mobile security

Google Patches Over 50 Serious Vulnerabilities in Android

October 5, 2021

Via: Security Week

The most severe of the security flaws described in the October 2021 Security Bulletin is an issue in the Android System component that could be exploited to achieve remote code execution. Only 10 vulnerabilities were resolved with the 2021-10-01 security […]


Threats & Malware, Vulnerabilities

Open source cyberattacks increasing by 650%, popular projects more vulnerable

September 17, 2021

Via: Help Net Security

Sonatype released a report that revealed continued strong growth in open source supply and demand dynamics. Further, with regard to open source security risks, the report reveals a 650% year over year increase in supply chain attacks aimed at upstream […]


Threats & Malware, Virus & Malware, Vulnerabilities

LockFile Ransomware Uses Never-Before Seen Encryption to Avoid Detection

August 31, 2021

Via: Threat Post

Researchers discovered a novel ransomware emerging on the heels of the ProxyShell vulnerabilities discovery in Microsoft Exchange servers. The threat, dubbed LockFile, uses a unique “intermittent encryption” method as a way to evade detection as well as adopting tactics from […]


Mobile, Wireless security

Attackers Can Remotely Disable Fortress Wi-Fi Home Security Alarms

August 31, 2021

Via: The Hacker News

New vulnerabilities have been discovered in Fortress S03 Wi-Fi Home Security System that could be potentially abused by a malicious party to gain unauthorized access with an aim to alter system behavior, including disarming the devices without the victim’s knowledge. […]


Threats & Malware, Vulnerabilities

Hospitals still not protected from dangerous vulnerabilities

August 13, 2021

Via: Help Net Security

Ipsos conducted a research which examines attitudes, concerns, and impacts on medical device security as well as cybersecurity across large and midsize healthcare delivery organizations. Insights include how they correlate and diverge. Healthcare is one of the most targeted industries […]


Network security, Security

Connected devices increasingly at risk as new ransomware attacks are reported almost daily

August 12, 2021

Via: Help Net Security

Ordr released a report on the state of connected devices. The 2021 study addresses pandemic-related cybersecurity challenges, including the growth of connected devices and related increase of security risks from these devices as threat actors took advantage of chaos to […]


Threats & Malware, Vulnerabilities

Adobe fixes critical flaws in Magento, patch it immediately

August 11, 2021

Via: Security Affairs

Adobe security updates for August 2021 address a total of 29 flaws, including critical vulnerabilities in Magento and important issues in Adobe Connect: APSB21-64 Security updates available for Magento APSB21-66 Security update available for Adobe Connect Multiple critical vulnerabilities could be exploited […]


Threats & Malware, Vulnerabilities

At Least 30,000 Internet-Exposed Exchange Servers Vulnerable to ProxyShell Attacks

August 10, 2021

Via: Security Week

ProxyShell is the name given to a series of vulnerabilities — CVE-2021-34473, CVE-2021-34523 and CVE-2021-31207 — that can be chained for unauthenticated remote code execution, allowing an attacker to take complete control of an Exchange server. The flaws were discovered […]