Vulnerabilities & Exploits
- October 28, 2019Administrators of NGINX web servers running PHP-FPM are advised to patch a vulnerability (CVE-2019-11043) that can let threat actors execute remote code on vulnerable, NGINX-enabled web servers. Here’s what you need to know.
- October 24, 2019Researchers recently demonstrated how security issues in Amazon Alexa Google Home devices can be abused to phish and eavesdrop on their owners. Here's what you need to know.
- October 18, 2019In 2017, EternalBlue was the driving force behind one of the nastiest ransomware outbreaks on record. And despite available fixes, it is still being used by malware today—from ransomware to widespread cryptocurrency miners.
- October 14, 2019The extent with which 5G networks use software is one of the top security issues for mobile networks as well as devices and current technologies (for example, 3G, 4G) that use or incorporate it, according to an EU report supported by the European Commission
- October 11, 2019A zero-day vulnerability found in Apple iTunes and iCloud was exploited by cybercriminals to infect Windows computers of an automotive company with the BitPaymer ransomware.
- October 02, 2019A zero-day attack exploits an unpatched vulnerability. Until a patch becomes available, it is often a race between threat actors trying to exploit the flaw and vendors or developers rolling out a patch to fix it.
- September 30, 2019A security researcher discovered that an unpatchable exploit in the bootrom of iOS devices, including iPhone 4S to iPhone X, can be used to jailbreak the devices.
- September 24, 2019US-CERT and Microsoft recommend users and enterprises to update their systems with two emergency patches addressing IE and Defender vulnerabilities.
- September 24, 2019With the growing popularity of remote working arrangements in enterprises, we revisit the security threats and recommendations for IoT devices interchangeably connected to the network at home and in the office.