Our news
-
Critical MobileIron RCE Flaw Under Active Attack
Attackers are targeting the critical remote code-execution flaw to compromise systems in the healthcare, local government, logistics and legal sectors, among others.
-
Light-Based Attacks Expand in the Digital Home
The team that hacked Amazon Echo and other smart speakers using a laser pointer continue to investigate why MEMS microphones respond to sound.
-
Baidu Apps in Google Play Leak Sensitive Data
Cyberattackers could use the information to track users across devices, disable phone service, or intercept messages and phone calls.
-
Online Holiday Shopping Scams
Original release date: November 24, 2020 With more commerce occurring online this year, and with the holiday season upon us, the Cybersecurity and Infrastructure Security Agency (CISA) reminds shoppers to remain vigilant. Be especially cautious of fraudulent sites spoofing reputable businesses, unsolicited emails purporting to be from charities, and unencrypted financial transactions. CISA encourages online…
-
Tesla Hacked and Stolen Again Using Key Fob
Belgian researchers demonstrate third attack on the car manufacturer’s keyless entry system, this time to break into a Model X within minutes.
-
Critical VMware Zero-Day Bug Allows Command Injection; Patch Pending
VMware explained it has no patch for a critical escalation-of-privileges bug that impacts both Windows and Linux operating systems and its Workspace One.
-
GoDaddy Employees Tricked into Compromising Cryptocurrency Sites
‘Vishing’ attack on GoDaddy employees gave fraudsters access to cryptocurrency service domains NiceHash, Liquid.
-
VMware Releases Workarounds for CVE-2020-4006
Original release date: November 23, 2020 VMware has released workarounds to address a vulnerability—CVE-2020-4006—in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency encourages users and administrators to review VMware Security Advisory VMSA-2020-0027…
-
Vulnerability Summary for the Week of November 16, 2020
Original release date: November 23, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. High Vulnerabilities Primary Vendor…
-
Manchester United: IT Systems Disrupted in Cyberattack
The popular U.K. soccer club confirmed an attack but said personal fan data remains secure.