Tag: vulnerabilities

May 13, 2021

Attackers strike where defenders least expect it — in cybersecurity, certainly, but in the world of physical warfare as well. As a former military officer, I think it’s particularly instructive to look at military battles from the cybersecurity defender’s perspective. […]

May 11, 2021

The German industrial giant has released more than a dozen advisories to inform customers about tens of vulnerabilities affecting RUGGEDCOM, SCALANCE, SIMATIC, SINEMA, SINAMICS and other products. The company has advised organizations using its products to either install updates or […]

April 30, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) has published advisory ICSA-21-119-04 about vulnerabilities found in multiple real-time operating systems (RTOS) and supporting libraries. Those operating systems and libraries are widely used in smart, Internet-connected “things”. The number of affected devices […]

April 21, 2021

The quarterly set of security patches addresses a total of 41 vulnerabilities considered critical severity, including 5 that feature a CVSS score of 10. The most severe of these vulnerabilities could be exploited to execute code remotely within the context […]

April 20, 2021

For over two decades, the window.name property has been available for websites to store whatever data they choose to, but such data has often been allowed to leak between sites, essentially allowing for the tracking of users across the pages […]

April 20, 2021

Security experts from Cisco Talos have found two remote code execution (RCE) vulnerabilities in the Cosori Smart Air Fryer. The Cosori Smart Air Fryer is an appliance with smart capabilities that cooks food with a variety of methods and settings. […]

April 12, 2021

Zero day definition A zero day is a security flaw for which the vendor of the flawed system has yet to make a patch available to affected users. The name ultimately derives from the world of digital content piracy: if […]

April 9, 2021

Security researchers squaring off at the Pwn2Own hacking competition have discovered various vulnerabilities in Microsoft’s Windows 10 operating system. During the first two days of the event, which is run by the Zero Day Initiative, three Windows 10 exploits were […]

April 2, 2021

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a supplemental directive requiring all federal agencies to identify Microsoft Exchange servers in their environments impacted by ProxyLogon flaws within five days and take the necessary steps […]

March 25, 2021

The tech giant is offering rewards for vulnerabilities in the Teams desktop client as part of its Application Bounty Program, which will feature additional app-related bounties in the future. The Teams desktop client bug bounty program complements the existing awards […]