27 Aug 2019

BitDefender Confirms Security Flaw In Free Windows Antivirus 2020, Millions At Risk — Update Now

Researchers with SafeBreach have uncovered a critical security flaw in the free version of BitDefender’s antivirus solution that can enable hackers to take over Windows machines running the vulnerable software. The issue has now been patched. The flaw stems from the fact that the software does not adequately verify whether

27 Aug 2019

Apple Issues 3 Emergency Security Fixes To Block Hackers From Taking Over iPhones, Macs, Apple TVs

On Monday, Apple patched the critical jailbreak vulnerability that was accidentally reintroduced for iOS 12.4 after it had been patched in iOS 12.3. The tech giant also released security fixes for the same vulnerability in macOS (10.14.6) and tvOS (12.4.1). The flaws for macOS and tvOS had not been disclosed

26 Aug 2019

Cybersecurity alert: 34% of vulnerabilities found this year remain unpatched

In the first six months of this year, there were over 4,000 fewer entries in the Common Vulnerabilities and Exposures (CVE) database, a new report by Risk Based Security shows. However, the study warns that 34% of the more than 11,000 security flaws that were reported haven’t been patched yet.

26 Aug 2019

Hackers are actively trying to steal passwords from two widely used VPNs

Security researchers are warning that threat actors have begun scanning the web for servers vulnerable to flaws affecting two highly popular VPN solutions. By exploiting vulnerable servers, hackers could steal login credentials, encryption keys and other sensitive information belonging to users of Fortigate VPN and Pulse Secure VPN. The

23 Aug 2019

The patching paradox: vulnerability scoring leads to slower high-risk remediation

New research by Kenna Security confirms that vulnerabilities are patched faster in firms that have a mature vulnerability management program. While this is hardly surprising, the study also reveals that in the context of patch management, paying too much attention to the Common Vulnerability Scoring System (CVSS) may actually result

16 Aug 2019

Apache Struts Called Out For Incorrect Security Advisories

Apache Struts has repeatedly provided incorrect and incomplete information in the security advisories for the popular open-source web application framework, new research by Synopsys has found. 24 of the 57 security advisories that were covered by the study contained errors in terms of the Apache Struts versions that were said

14 Aug 2019

Shades of BlueKeep: Wormable Remote Desktop Bugs Top August Patch Tuesday List

As part of August’s Patch Tuesday, Microsoft made fixes for 93 security vulnerabilities available. 29 issues are critical, including four remote code-execution (RCE) flaws in Remote Desktop Services (RDS) and one critical RCE bug in Microsoft Word. Two of the RDS flaws stand out in particular, as they are “wormable,”

14 Aug 2019

22 Critical Flaws Patched in Adobe Photoshop

As part of this month’s Patch Tuesday, Adobe has released fixes for 119 security vulnerabilities in its products, 25 of which are high-severity flaws. Adobe Photoshop CC accounted for 22 critical bugs. Adobe warns that exploitation of these issues “could lead to arbitrary code execution in the context of

12 Aug 2019

Researchers find security flaws in 40 kernel drivers from 20 vendors

Security researchers at Eclypsium have discovered major security vulnerabilities in over 40 kernel drivers from 20 different hardware vendors. The flaws are the result of poor software design choices and allow applications with limited privileges to use driver functions in order to perform malicious actions that can impact highly sensitive parts

09 Aug 2019

Warning As Dangerous Cybersecurity Risks Found In Mainstream Office Printers: Report

A new study by security researchers at NCC Group has found “vulnerabilities and exploitations relating to devices made by six of the largest enterprise printer makers in the world.” More specifically, the researchers discovered that serious flaws present in Xerox, HP, Lexmark, Kyocera, Brother, and Ricoh printers could be exploited
