04 Oct 2019

Update now: WhatsApp bug allows malicious GIF to steal user data

A security researcher using the moniker “Awakened” has uncovered a security flaw in WhatsApp that could make it possible for hackers to steal data from devices running the popular messaging app merely by targeting users with nefarious GIFs. After a malicious image is sent to the victim’s phone, it will

Read More
02 Oct 2019

Cisco Webex & Zoom Bug Lets Attackers Spy on Conference Calls

Zoom and Cisco Webex have each issued patches for a vulnerability impacting their web conferencing software. In July of this year, security researchers with CQ Prime Threat Research discovered that it would be possible for threat actors to view or listen to ongoing Zoom and Webex meetings if they were

Read More
01 Oct 2019

Critical Remote Code Execution Vulnerability Patched in Exim Email Server

Exim recently patched a critical vulnerability that could enable threat actors to execute arbitrary code on servers running certain versions of the company’s software. The flaw, tracked as CVE-2019-16928, put numerous systems at risk, for Exim is used by 57% of all email servers worldwide. Exim versions 4.92, 4.92.1 and

Read More
24 Sep 2019

Microsoft Issues Windows Security Update for 0Day Vulnerability

Microsoft has released an unscheduled security update to address two security vulnerabilities in its products. One of the flaws, tracked as CVE-2019-1367, is a zero-day remote code execution (RCE) vulnerability in Internet Explorer that is being actively exploited by threat actors. Microsoft warns that “if the current user is logged

Read More
19 Sep 2019

Small businesses underestimate financial damage of cyberattacks

70% of small to mid-sized businesses (SMBs) believe that losses from a successful cyberattack on their firm would not exceed $25,000, while over half think total damages would remain under $10,000, a new AppRiver survey shows. This implies that small business owners are grossly underestimating the amount of money they

Read More
12 Sep 2019

D-Link, Comba network gear leave passwords open for potentially whole world to see

Security researchers with Trustwave have discovered that certain DSL modems and Wi-Fi routers produced by D-Link and Comba expose user passwords to the Internet as the result of various firmware vulnerabilities. D-Link devices are affected by two firmware bugs, one of which makes it possible to view a file containing

Read More
10 Sep 2019

Cyber-security incident at US power grid entity linked to unpatched firewalls

In March of this year, a cyber incident affected firewalls at multiple power generation sites across the US. According to a recent report by the North American Electric Reliability Corporation (NERC), the attack was less serious than initially thought, and did not significantly impact electricity supply. The attackers exploited “a

Read More
09 Sep 2019

SMBs show no improvement in IT maturity levels, security remains top concern

Almost one in three (32%) small to mid-sized businesses (SMBs) were affected by a security breach in the last five years, and at least 10% experienced a breach in the past year, a new Kaseya survey indicates. The report reveals major shortcomings in terms of patch management, with just 42%

Read More
09 Sep 2019

Millions of Exim servers vulnerable to root-granting exploit

A critical vulnerability in Exim software, which is used by 57% of all email servers worldwide, can enable attackers to run malicious code on impacted servers with administrative (root) privileges, the Exim team warned last Friday. The company has released a patch to address the issue. The flaw affects servers

Read More
05 Sep 2019

Android’s September 2019 Patches Fix Nearly 50 Vulnerabilities

As part of its monthly roll out of patches for the Android platform, Google this week released fixes for 50 security flaws, including two critical flaws that could enable attackers to remotely execute malicious code on vulnerable devices. One of the critical vulnerabilities, tracked as CVE-2019-2176, affects Android 8.0, 8.1

Read More