Tag: vulnerabilities

February 24, 2021

The cybersecurity world is constantly evolving to new forms of threats and vulnerabilities. But ransomware proves to be a different animal—most destructive, persistent, notoriously challenging to prevent, and is showing no signs of slowing down. Falling victim to a ransomware […]

February 24, 2021

While the SolarWinds breach has shone a light on the dangers of supply chain attacks over the past three months, threat researchers at SME specialist security firm Huntress say the risks associated with the virtual events and conference platforms used […]

February 17, 2021

The targeted device is the ConnectPort X2e made by Digi International, a US-based company that provides IT, networking and IoT solutions for industrial, enterprise and smart city applications. FireEye conducted its research on a version of the device offered by […]

February 16, 2021

An Android app that’s been downloaded more than 1 billion times is riddled with flaws that can let attackers hijack app features or overwrite existing files to execute malicious code, or launch man-in-the-disk (MiTD) attacks on people’s devices, researchers discovered. […]

February 12, 2021

The report by the Center for Internet Security, a nonprofit that partners with the federal government on election security initiatives, focuses on how hardware and software components can provide potential entryways for hackers. “We have to continue to get better,” […]

February 11, 2021

The biggest advisory covers 21 security holes affecting JT2Go, a 3D viewing tool for JT data (ISO-standardized 3D data format), and Teamcenter Visualization, which provides organizations visualization solutions for documents, 2D drawings and 3D models. These products are made by […]

February 10, 2021

The chipmaker’s Patch Tuesday updates for February 2021 were described in 19 advisories, including four that cover high-severity vulnerabilities. The list of high-severity flaws includes a privilege escalation issue in the Intel Solid State Drive (SSD) Toolbox, and a denial-of-service […]

February 9, 2021

In its advisory for the vulnerability — the bug currently does not have a CVE identifier — Mozilla described it as a “buffer overflow in depth pitch calculations for compressed textures.” The issue, reported by researchers Abraruddin Khan and Omair […]

February 8, 2021

While the use of malicious Chrome extensions in attacks is not something new, this attack stands out from the crowd due to the use of ‘Developer mode’ in the browser to enable loading of a malicious extension locally. The extension […]

February 2, 2021

As part of the attack, an adversary could set up a crafted website and lure the intended victim into visiting it. As soon as that happens, malicious code on the site starts sending multiple fetch requests from the victim’s browser, […]