07 Aug 2020

Mercedes-Benz E-Series Rife with 19 Bugs

At Black Hat 2020, a famous cybersecurity conference held virtually this year, researchers explained the process of discovery and disclosure of security flaws found in Mercedes Benz vehicles. Although the flaws have since been fixed, the bugs impacted roughly 2 million Mercedes Benz connected cars before they were patched. The

Read More
05 Aug 2020

Newsletter WordPress Plugin Opens Door to Site Takeover

A WordPress plugin designed to create newsletters and email campaigns within the platform called Newsletter has been downloaded over 300,000 times. However, security researchers recently found that the plugin contains a pair of vulnerabilities that could potentially allow threat actors to achieve a site takeover. One vulnerability is an XSS

Read More
05 Aug 2020

FBI issues warning over Windows 7 end-of-life

On Monday, the FBI sent a private industry notification to US private sector partners warning about Windows 7 computers reaching their end-of-life. According to the warning, the operating system fulfilled its shelf life earlier this year. The FBI stated that they had observed threat actors targeting computer network infrastructure after

Read More
27 Jul 2020

DJI Drone App Riddled With Privacy Issues, Researchers Allege

According to researchers with Synacktiv, several privacy errors and vulnerabilities lie within the DJI GO 4 application, which is designed to act as a remote control app for the DJI drone models. According to researchers, the application opens users’ sensitive data and continues to run in the background after it’s

Read More
22 Jul 2020

Adobe issues emergency fixes for critical vulnerabilities in Photoshop, Bridge, Prelude

Adobe rushed to publish emergency fixes for critical vulnerabilities the company became aware of just a week after issuing its standard monthly security update. Adobe published security advisories for another 13 vulnerabilities, 12 of which are classified as critical or high risk. The vulnerabilities lie in Adobe Photoshop, Bridge, and

Read More
21 Jul 2020

Experts Predict Record 20,000 CVEs for 2020

According to researchers at Skybox Security, 2020 could break the record for the number of vulnerabilities reported within a calendar year. Skybox stated that there have been major increases in mobile bugs already, predicting that 2020 will end with 20,000 reported vulnerabilities. In a recent report, Skybox also highlighted that

Read More
06 Jul 2020

Apache Guacamole Vulnerabilities Facilitate Attacks on Enterprises

According to researchers at Check Point security, remote code execution and information disclosure vulnerabilities in Apache Guacamole, an HTML5 web application, can pose a significant threat to users. Researchers found that the flaws can be leveraged by threat actors targeting enterprises. Apache Guacamole is used on a broad range of

Read More
26 Jun 2020

Nvidia Warns Windows Gamers of Serious Graphics Driver Bugs

Nvidia has disclosed it fixed two high-severity flaws in its graphics drivers. The vulnerabilities can be exploited to view sensitive data, gain privileges, or launch a denial-of-service attack on compromised Windows gaming devices. Nvidia, a graphics chipmaker, developed the GPU Display Driver for Windows and is used in devices targeted

Read More
12 Jun 2020

Researchers Expose a New Vulnerability in Intel’s CPUs

Researchers have discovered a new vulnerability in Intel’s CPUs, as the devices are continuously targeted by an unending series of attacks. Multiple campaigns over the past two years have made it possible for sophisticated attackers to steal passwords, encryption keys, and other relevant information from the CPUs. On Tuesday, two

Read More
12 Jun 2020

Critical Vulnerabilities Expose Siemens LOGO! Controllers to Attacks

Siemens has disclosed critical bugs that affect its LOGO! programmable logic controllers. The vulnerabilities can be exploited remotely and used to launch denial-of-service attacks. Siemens stated that the flaws impact all versions of the devices, which can be compromised when an attacker modifies the device’s configuration. LOGO! devices are designed

Read More