16 May 2019

Google is replacing Bluetooth Titan Security Keys because of a vulnerability

Google is offering to provide owners of Bluetooth Titan Security Keys with free replacements because the products are affected by a serious security vulnerability. The company has discovered that a “misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols” could enable threat actors to take over user accounts under certain

Read More
15 May 2019

Intel CPUs Impacted By New Class of Spectre-Like Attacks

Once again, security researchers have discovered critical vulnerabilities in CPU chips that allow attackers to use a technique called speculative execution in order to get CPUs to leak sensitive information. The January 2018 disclosure of a previous set of such flaws, called Meltdown and Spectre, sent shock waves through the

Read More
15 May 2019

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

As part of this month’s patch Tuesday, Microsoft released a critical patch for CVE-2019-0708, a “wormable” vulnerability affecting Windows 7, Windows Server 2008 R2, and Windows Server 2008 and various older operating systems. Due to the extraordinary severity of the flaw, Microsoft also released versions of the patch for otherwise

Read More
15 May 2019

Website Attack Attempts Rose by 69% in 2018

New research by Sitelock indicates that attempts to attack websites are on the rise. In 2018, the average website faced 62 attack threats on a daily basis. The most common attacks involved the use of backdoors, shells, and JavaScript files (cross-site scripting or XSS). XSS attacks target visitors, since they

Read More
03 May 2019

Open Source Vulnerabilities Increase in 2018

A new report by Synopsys indicates that open source security vulnerabilities are on the rise, putting companies that increasingly make use of such solutions at risk. In 2018, 7,000 open source vulnerabilities were identified, bringing the total of flaws found in the past twenty years to over 50,000. The research

Read More
01 May 2019

Vodafone Found Hidden Backdoors in Huawei Equipment

Vodafone has admitted to Bloomberg that it discovered backdoors in software for Huawei products used by the carrier to provide various services to customers in Italy. The backdoors were discovered between 2009 and 2011 and remained in place for years. As a result, Huawei could have obtained unauthorized access to

Read More
01 May 2019

DHS Orders Agencies to Patch Critical Flaws Within 15 Days

US government agencies need to patch critical security flaws within 15 days and high-severity vulnerabilities within 30 days under BOD 19-02, a new Binding Operational Directive issued by the Department of Homeland Security (DHS). The period for fixing critical issues was cut in half, because the previous directive (BOD 15-01)

Read More
26 Apr 2019

Hacker Finds He Can Remotely Kill Car Engines After Breaking Into GPS Tracking Apps

Default passwords are a security hazard in general, and when they affect applications used by firms to keep track of vehicles and perform remote actions like starting or shutting off engines, they can even put people’s lives at risk. A hacker using the moniker L&M claims that this applies to

Read More
26 Apr 2019

Security Vulns in Microsoft Products Continue to Increase

The number of new security vulnerabilities affecting Microsoft products increased last year compared to 2017, and has more than doubled since 2013, a new BeyondTrust report shows. While the number of critical vulnerabilities declined based on the number for 2017, critical flaws have generally increased by 30% over the last

Read More
23 Apr 2019

Attackers are weaponizing more vulnerabilities than ever before

Threat actors are stepping up their efforts to weaponize vulnerabilities affecting Adobe products, new data by RiskSense shows. In 2018, a record-breaking 177 flaws were weaponized, which is 139% higher than in 2017. The study also found that last year almost three times more vulnerabilities were exploited in the wild before

Read More