Vulnerabilities
Vulnerabilities | News, how-tos, features, reviews, and videos
Tips to harden Active Directory against SolarWinds-type attacks
The SolarWinds attackers took advantage of Active Directory to gain a foothold. Here's what configurations and policies to check to better protect your network.
SonicWall warns customers about zero-day vulnerabilities
Attack targets SonicWall's SMA Series access management gateways and is another in a string of incidents against security vendors.
Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed
A set of seven vulnerabilities, called DNSpooq, allows attackers to redirect users or execute malicious code. Patch dnsmasq now.
33 hardware and firmware vulnerabilities: A guide to the threats
Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware and its firmware. Here's a roundup of the ones that present the most significant threats.
Russian state-sponsored hackers exploit vulnerability in VMware Workspace ONE
The exploit requires the attacker to have valid credentials, but experts advise patching regardless.
Intel SGX users need CPU microcode patch to block PLATYPUS secrets-leaking attack
Attackers could use the vulnerability to access encryption keys from the Linux kernel's memory or Intel SGX enclaves.
How network segmentation mitigates unauthorized access risk
Two recent Microsoft vulnerabilities underscore the importance of segmenting your Windows network.
The Windows Bad Neighbor vulnerability explained — and how to protect your network
Attackers could use the Windows Bad Neighbor vulnerability to perform remote code execution or create buffer overflows. Patches and workarounds are available.
How attackers exploit QR codes and how to mitigate the risk
Attackers are taking advantage of the increased use of QR codes to steal sensitive information or conduct phishing campaigns. Here's what security teams and employees need to know.
Half of all virtual appliances have outdated software and serious vulnerabilities
New study shows that even security vendors can use outdated and vulnerable virtual appliances. Top advice: Make sure your vulnerability management processes include virtual appliances.
6 top vulnerability management tools and how they help prioritize threats
Organizations handle vulnerability management in various ways, from training and best-practice implementations to filtering out all but the most dangerous threats. Here's a look at some of today's more innovative solutions.
SAP ASE leaves sensitive credentials in installation logs
Two vulnerabilities in SAP ASE's Cockpit component leaves some sensitive information available to anyone on the network and other data susceptible to brute-force attacks.
Microsoft's Zerologon vulnerability fix: What admins need to know
Microsoft patched its Netlogon Remote Protocol to prevent Zerologon exploits, but a second update is coming in February. Here's what you need to do now to prepare.
Zerologon explained: Why you should patch this critical Windows Server flaw now
Attackers have learned how to exploit the Zerologon vulnerability in Windows Server, potentially gaining domain admin control.
8 top open source intelligence tools
OSINT (open source intelligence) is the practice of collecting information from published or otherwise publicly available sources. These tools will help you find sensitive public info before bad guys do.
Windows code-signing attacks explained (and how to defend against them)
Learn how code-signing attacks work and how to defend against them. It starts with patching.
4 top vulnerabilities ransomware attackers exploited in 2020
As more employees work from home, attackers have more endpoints to target. These unpatched vulnerabilities in remote access tools and Windows makes their job easier.
18 (new) ways attackers can compromise email
Researchers have discovered eighteen new vulnerabilities in how email systems authenticate senders, making it even easier for criminals to fool users.
-
eBook
Sponsored -
White Paper
-
Video/Webcast
Sponsored -
Sponsor Article
Sponsored -
Video/Webcast
Sponsored