Our news
-
SonicWall Breach Stems from ‘Probable’ Zero-Days
The security vendor is investigating potential zero-day vulnerabilities in its Secure Mobile Access (SMA) 100 series.
-
Amazon Kindle RCE Attack Starts with an Email
The “KindleDrip” attack would have allowed attackers to siphon money from unsuspecting victims.
-
Threat Actors Can Exploit Windows RDP Servers to Amplify DDoS Attacks
Netscout researchers identify more than 14,000 existing servers that can be abused by ‘the general attack population’ to flood organizations’ networks with traffic.
-
SQL Server Malware Tied to Iranian Software Firm, Researchers Allege
Researchers have traced the origins of a campaign – infecting SQL servers to mine cryptocurrency – back to an Iranian software firm.
-
Cisco Releases Advisories for Multiple Products
Original release date: January 21, 2021 Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following Cisco Advisories…
-
NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs
The company also issued patches for Tesla-based GPUs as part of an updated, separate security advisory.
-
Critical Cisco SD-WAN Bugs Allow RCE Attacks
Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite.
-
Malwarebytes Hit by SolarWinds Attackers
The attack vector was not the Orion platform but rather an email-protection application for Microsoft 365.
-
DNSpooq Flaws Allow DNS Hijacking of Millions of Devices
Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution.
-
Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms
Mystery of spying using popular chat apps uncovered by Google Project Zero researcher.