Vulnerabilities

Vulnerabilities | News, how-tos, features, reviews, and videos

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa
A magnifying lens exposes an exploit amid binary code.

Cybersecurity  >  Email security threats, such as phishing

Unpatched Exchange Servers an overlooked risk

Attackers are targeting older, unpatched Microsoft Exchange Servers with much success because organizations don't properly assess the risk.

a hooded figure targets a coding vulnerability

Cosmos DB users advised to regenerate their keys following serious vulnerability

The Azure vulnerability, which affects only those using the Jupyter Notebook feature, gives attackers access to data in databases.

shutterstock editorial 11745281m blackberry

BlackBerry faces bad PR by failing to go public with BadAlloc vulnerability

Although the company informed its OEM customers of the vulnerability, users of IoT devices running its QNX OS were potentially kept in the dark.

network security concept

Amazon Sidewalk highlights network security visibility risks consumer services pose

Research warns consumer-grade services can undermine risk assessment of corporate networks amid remote working as Houdini malware spoofs devices to exfiltrate data.

One lock in a series is unlocked / weakness / vulnerability

6 vulnerabilities Microsoft hasn't patched (or can't)

Your IT and security admins need to be aware of these unpatched Microsoft vulnerabilities so that they can mitigate them in other ways.

keeping the cloud secure cloud security lock padlock private cloud

NSA, CISA release Kubernetes hardening guidance following Colonial Pipeline, other attacks

The guidance seeks to educate IT administrators about cloud security risks and best practices for implementing and maintaining Kubernetes.

industrial power plant hacked skull and crossbone pixels security breach power plant by jason black

Serious flaws in widespread embedded TCP/IP stack endanger industrial control devices

Critical vulnerabilities potentially affect millions of devices, but finding and patching them will be difficult.

stethoscope mobile healthcare ipad tablet doctor patient

Basic flaws put pneumatic tube transport systems in hospitals at risk

Multiple vulnerabilities could allow persistent take-over and ransom demands by attackers.

skull and crossbones in binary code

Authentication bypass allows complete takeover of Modicon PLCs used across industries

The vulnerability could allow attackers to insert malicious code and easily avoid detection.

Microsoft Windows security  >  Windows laptop + logo with binary lock and key

PrintNightmare vulnerability explained: Exploits, patches, and workarounds

Public exploits are available for a remote code execution vulnerability in the Windows Print Spooler that could allow attackers to take full control of systems. The vulnerability affects all editions of Windows and organizations are...

man typing on laptop search internet web browswer

15 top open-source intelligence tools

OSINT (open-source intelligence) is the practice of collecting information from published or otherwise publicly available sources. These tools will help you find sensitive public info before bad guys do.

security audit - risk assessment - network analysis

Flaws in Dell's over-the-air device recovery and update impacts millions of devices

As many as 40 million Dell devices are vulnerable to targeted man-in-the-middle attacks. Dell advises BIOS/UEFI updates.

Digital bugs amid binary code. [security threats / malware / breach / hack / attack]

10 old software bugs that took way too long to squash

As these examples show, vulnerabilities can lurk within production code for years or decades—and attacks can come at any time.

CSO  >  Searching for vulnerabilities  >  Magnifying lens in a virtual interface idnetifies weakness

Thousands of publicly accessible VMware vCenter Servers vulnerable to critical flaws

With proofs of concept public, attackers are likely exploiting this vulnerability weeks after patches were released.

Money flows through a tunnel of binary code as a target hovers over a code bug.

5 questions to answer before jumping on the bug bounty bandwagon

Bug bounty programs can bolster your vulnerability management capabilities, but are you ready?

light string in a jar at sunset / lightbulbs / ideas / innovation / brainstorming

Defining linchpins: An industry perspective on remediating Sunburst

The concept of linchpin software can be useful in assessing risk and focusing security efforts, but it comes with challenges.

security threats and vulnerabilities

Spy groups hack into companies using zero-day flaw in Pulse Secure VPN

Known and unknown groups are using VPN vulnerabilities to circumvent authentication and establish backdoors.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

Zero days explained: How unknown vulnerabilities become gateways for attackers

A zero day is a security flaw that has not yet been patched by the vendor and can be exploited. The name evokes a scenario where an attacker has gotten the jump on a software vendor, implementing attacks that exploit the flaw before...

Load More
You Might Also Like