Microsoft Edge will warn users if their credentials have been compromised
Microsoft announced that it will add an alerting feature to Edge to warn users if their credentials saved to autofill have been compromised.
Microsoft announced several new features for its Edge browser, including a new alerting service to warn users...
0patch releases free unofficial patches for Windows 0days exploited in the wild
ACROS Security’s 0patch service released unofficial patches for two Windows flaws actively exploited by attackers in the wild.
ACROS Security’s 0patch service released unofficial patches for two Windows vulnerabilities actively exploited by attackers in the wild, both issues have...
Google issued 40,000 alerts of State-Sponsored attacks in 2019
Google announced to have warned users of almost 40,000 alerts of state-sponsored phishing or malware attacks during 2019.
Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing...
Operation Poisoned News: Hong Kong iOS users targeted with watering hole attacks
Operation Poisoned News – Experts observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to spy on them.
Security experts at Trend Micro have observed a campaign aimed...
Adobe addressed a critical vulnerability in Adobe Creative Cloud App that allows deleting files
Adobe has addressed a critical vulnerability in its Creative Cloud desktop application that can be exploited by hackers to delete arbitrary files.
Adobe has fixed a critical vulnerability in its Creative Cloud desktop application that can be exploited by attackers...
Microsoft warns of targeted attacks exploiting Windows zero-day flaws
Microsoft warns of hackers actively exploiting two zero-day remote code execution vulnerabilities in Windows Adobe Type Manager Library.
Microsoft warns of hackers exploiting two zero-day remote code execution (RCE) vulnerabilities in the Windows Adobe Type Manager Library, both issues impact...
Google addresses high severity bugs in Chrome
Google released security updates to address multiple high-severity vulnerabilities in the popular Chrome browser.
Google released security updates to address multiple high-severity vulnerabilities in Chrome, the tech giant also announced a pause for upcoming releases of the popular browser.
The...
Drupal addresses two XSS flaws by updating the CKEditor
Drupal developers released security updates for versions 8.8.x and 8.7.x that fix two XSS vulnerabilities affecting the CKEditor library.
The Drupal development team has released security updates for versions 8.8.x and 8.7.x that address two XSS vulnerabilities that affect the...
Cisco addresses multiple issues in its SD-WAN product
Cisco has addressed a total of five vulnerabilities in its SD-WAN solution, including three high severity flaws.
Cisco has addressed five vulnerabilities in its SD-WAN solution, including three high severity flaws.
The vulnerabilities could be exploited by attackers to make unauthorized...
VMware fixes high severity privilege escalation and DoS in its products
VMware released security updates to address high severity privilege escalation and DoS in the Workstation, Fusion, VMware Remote Console and Horizon Client.
VMware has released security updates to address high severity privilege escalation and denial-of-service (DoS) flaws in the Workstation, Fusion, Remote...
Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw
Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates.
Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates.
The CVE-2020-0688 flaw resides in the...
Experts warn of a new strain of ransomware, the PXJ Ransomware
Experts warn of a new malware strain, dubbed PXJ Ransomware, that does share the same underlying code with existing ransomware families.
Security experts from IBM X-Force have spotted a new strain of ransomware, dubbed PXJ Ransomware, that does share...
Slack bugs allowed take over victims’ accounts
Slack addressed a critical flaw within 24 hours from its disclosure, the issue allowed attackers to carry out automate account takeover.
The researcher Evan Custodio discovered a critical vulnerability in Slack that could have allowed attackers to launch automate account...
A bug in Tor Browser allows execution of JavaScript even in Safest security level
Tor Project maintainers warned users about a severe flaw in the Tor browser that may execute JavaScript code on sites it should not.
The Tor Project announced a major bug in the Tor browser that may cause the execution of...
VMware fixes a critical bug in Workstation, Fusion that allows code execution on host From guest
VMware has fixed three serious flaws in its products, including a critical issue in Workstation and Fusion that allow code execution on the host from guest.
VMware has addressed three serious vulnerabilities in its products, including a critical flaw in...
Palantir, The $20 Billion, Peter Thiel-Backed Big Data Giant, Is Providing A Coronavirus Monitoring Tool To The CDC
Palantir will help the Centers for Disease Control keep on top of ventilator and mask needs to treat coronavirus victims, sources say.
Defense Evasion Dominated 2019 Attack Tactics
Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.
Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy
About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.
OpenWRT is vulnerable to attacks that execute malicious code
Enlarge (credit: OpenWRT)
For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital...
Privacy in critical care after telehealth demands jump
As coughs and body aches drive anxious Americans to telemed services in record numbers, relieving the burden on medical facilities stressed to breaking with COVID-19 cases, the subsequent relaxation of privacy requirements puts them at risk of PHI compromises,...
