Top

Tag: vulnerabilities


Network security, Security, Threats & Malware, Vulnerabilities

Palo Alto Networks Patches Command Injection Vulnerabilities in PAN-OS

July 9, 2020

Via: Security Week

Based on their CVSS score, the more serious of the flaws is CVE-2020-2034, which impacts the GlobalProtect portal and allows an unauthenticated attacker with network access to the targeted system to execute arbitrary operating system commands with root permissions. “An […]


Network security, Security, Threats & Malware, Vulnerabilities

Cisco Patches Vulnerabilities in Small Business Routers, Switches

July 2, 2020

Via: Security Week

Of the eight vulnerabilities for which Cisco published an advisory this week, only CVE-2020-3297 has been rated high severity. This security hole affects some Small Business and managed switches and it allows a remote, unauthenticated attacker to access a device’s […]


Network security, Security, Threats & Malware, Vulnerabilities

Netgear Starts Patching Serious Vulnerabilities Affecting Tens of Products

July 1, 2020

Via: Security Week

All of the security holes were reported to Netgear through Trend Micro’s Zero Day Initiative (ZDI), including five by a hacker who uses the online moniker d4rkn3ss, from VNPT ISC, and five by Pedro Ribeiro and Radek Domanski of Team […]


Threats & Malware, Vulnerabilities

Microsoft releases emergency security updates to fix Windows codecs

July 1, 2020

Via: Security Affairs

Microsoft has silently released two out-of-band security updates through the Windows Store app to address two vulnerabilities in the Windows Codecs Library. The two issues are remote code execution vulnerabilities tracked as CVE-2020-1425 & CVE-2020-1457 that impact Windows 10 and […]


Threats & Malware, Vulnerabilities

Vulnerable drivers can enable crippling attacks against ATMs and POS systems

June 30, 2020

Via: CSO Online

ATMs and point-of-sale (POS) systems have been a target for many cybercriminal groups over the past several years resulting in some of the largest card breaches and money heists in history. While attackers have various ways to break into these […]


Access control, Security

Rethinking Enterprise Access, Post-COVID-19

June 24, 2020

Via: Dark Reading

As we look to reopen the economy, a lot of muscle memory will have to be relearned. The old way of doing things isn’t going to make it in the post-COVID-19 world. Too much is on the line, for both […]


Threats & Malware, Vulnerabilities

Adobe Patches 18 Critical Code Execution Flaws Across Five Products

June 17, 2020

Via: Security Affairs

Adobe addressed 18 critical code execution vulnerabilities in its After Effects, Illustrator, Premiere Pro, Premiere Rush, and Audition products. The IT giant patched five critical out-of-bounds write (CVE-2020-9660, CVE-2020-9662), out-of-bounds read (CVE-2020-9661) and heap overflow (CVE-2020-9637, CVE-2020-9638) vulnerabilities in After […]


Threats & Malware, Vulnerabilities

Ripple20 Bugs Put Hundreds of Millions of IoT Devices at Risk

June 16, 2020

Via: Wired

SECURITY EXPERTS HAVE warned for years that the drive to connect every device imaginable to the internet would offer a bonanza for hackers. Now researchers have found that one chunk of software designed to enable those internet connections is itself […]


Network security, Security

Enterprise internet attack surface is growing, report shows

June 11, 2020

Via: CSO Online

The attack surface of large enterprises has grown in recent months driven by the new work conditions imposed by the COVID-19 pandemic. The threat has increased in many areas including servers that are directly accessible from the internet, domain names, […]


Threats & Malware, Vulnerabilities

Microsoft June 2020 Patch Tuesday fix 129 flaws, 11 rated as critical

June 10, 2020

Via: Security Affairs

Microsoft June 2020 Patch Tuesday address 129 vulnerabilities affecting Microsoft Windows, Internet Explorer (IE), Microsoft Edge (EdgeHTML-based and Chromium-based in IE Mode), ChakraCore, Office and Microsoft Office Services and Web Apps, Windows Defender, Microsoft Dynamics, Visual Studio, Azure DevOps, and […]