More than 44 million Microsoft user accounts are exposed to hack
Microsoft revealed that 44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking.
Microsoft discovered that 44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking because of using of compromised...
Adobe Patch Tuesday addresses critical flaws in four products
Adobe released the Patch Tuesday security updates for December 2019 that address flaws in Acrobat and Reader, Photoshop CC, ColdFusion, and Brackets.
Adobe Patch Tuesday security updates for December 2019 address a total of 25 flaws in Acrobat and Reader,...
NordVPN announced the launch of a bug bounty program
The popular virtual private network (VPN) service provider NordVPN announced the launch of a public bug bounty program.
The virtual private network (VPN) service provider NordVPN announced the launch of a public bug bounty program.
White hat hackers will receive payouts...
Google released PathAuditor to detect unsafe path access patterns
Google has released the source code of a tool, dubbed PathAuditor, designed to help developers identify vulnerabilities related to file access.
Google decided to release the source code of a tool dubbed PathAuditor designed to help developers identify vulnerabilities...
Google fixes a critical DoS flaw tracked as CVE-2019-2232 in Android
Google addressed a critical vulnerability, tracked as CVE-2019-2232, that could trigger a permanent denial of service (DoS) condition in Android.
Google released December 2019 security updates for its Android mobile OS that addressed several flaws, including a critical vulnerability,...
OpenBSD addresses authentication bypass, privilege escalation issues
Experts from Qualys Research Labs discovered four high-severity security flaws in OpenBSD, one of which is a type authentication bypass issue.
Researchers from Qualys Research Labs discovered four high-severity security vulnerabilities in OpenBSD, a type authentication bypass issue and three...
Ohio Election Day cyber attack attempt traced Russian-Owned Company
Ohio detected and neutralized a cyber attack against its election systems earlier this month, it was traced to a Russian-owned company.
Ohio officials thwarted a cyber attack against its election infrastructure earlier this month, the state’s elections chief announced.
According...
Some Fortinet products used hardcoded keys and weak encryption for communications
Researchers at SEC Consult Vulnerability Lab discovered multiple issues in several security products from Fortinet, including hardcoded key and encryption for communications.
Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR”...
Federal Communications Commission has cut off government funding for equipment from Chinese firms
U.S. Federal Communications Commission has cut off government funding for equipment from Huawei and ZTE due to security concerns.
U.S. Federal Communications Commission has cut off government funding for equipment from the Chinese companies Huawei and ZTE due to security...
Kaspersky found dozens of flaws in 4 open-source VNC software
Kaspersky researchers found dozens of flaws in four popular open-source virtual network computing (VNC) systems.
Experts from Kaspersky analyzed several different implementations of a remote access system called Virtual Network Computing (VNC) and identified a number of memory corruption vulnerabilities....
ENISA publishes a Threat Landscape for 5G Networks
ENISA, the European Union Agency for Cybersecurity publishes a Threat Landscape for 5G Networks, assessing the threats related to the fifth generation of mobile telecommunications networks (5G).
ENISA with the support of the Member States, the European Commission and an...
Ransomware Revival: Troldesh becomes a leader by the number of attacks
Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals.
Group-IB, a Singapore-based cybersecurity company: ransomware accounted for over half of all malicious mailings in H1...
CTHoW v2.0 – Cyber Threat Hunting on Windows
Why did I started CTHoW? As someone with a huge passion for information security. It is always a must to keep on top of the latest TTPs of adversaries to be able to defend your network.
I was always impressed...
Adobe announces end of support for Acrobat 2015 and Adobe Reader 2015
Adobe announces the end of support for Acrobat 2015 and Reader 2015
It’s official, Adobe announces the end of support for Adobe Acrobat and Reader 2015.
It’s official, Adobe announces the end of support for Adobe Acrobat and Reader 2015,...
Experts found undocumented access feature in Siemens SIMATIC PLCs
Researchers discovered a vulnerability in Siemens SIMATIC S7-1200 programmable logic controller (PLC) that could allow attackers to execute arbitrary code on vulnerable devices.
Researchers discovered an undocumented access feature in Siemens SIMATIC S7-1200 programmable logic controller (PLC) that could be...
Pensacola confirms ransomware attack
Pensacola
officials confirmed that an ongoing
cyberattack that began early Saturday morning is a ransomware attack.
While the city did not release any additional details, the Pensacola News Journal said city spokeswoman Kaycee Lagarde confirmed the attack included a ransom, something that...
Trickbot Operators Now Selling Attack Tools to APT Actors
North Korea's Lazarus Group - of Sony breach and WannaCry fame - is among the first customers.
The Great $50M African IP Address Heist
A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions...
Intel Issues Fix for ‘Plundervolt’ SGX Flaw
Researchers were able to extract AES encryption key using SGX's voltage-tuning function.
How to stop spam calls right now
Spam calls drive us all crazy. Here are four ways to stop robocalls and other unsolicited phone calls.
