Category: alerts
Category Added in a WPeMatico Campaign
-
Fuzz Off: How to Shake Up Code to Get It Right – Podcast
Is fuzzing for the cybersec elite, or should it be accessible to all software developers? FuzzCon panelists say join the party as they share fuzzing wins & fails. Read more
-
‘Glowworm’ Attack Turns Power Light Flickers into Audio
Researchers have found an entirely new attack vector for eavesdropping on Zoom and other virtual meetings. Read more
-
Auth Bypass Bug Exploited, Affecting Millions of Routers
A mere three days after disclosure, cyberattackers are hijacking home routers from 20 vendors & ISPs to add them to a Mirai-variant botnet used for carrying out DDoS attacks. Read more
-
Vulnerability Summary for the Week of August 2, 2021
Original release date: August 9, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info basic_shopping_cart_project — basic_shopping_cart A SQL Injection vulnerability in Sourcecodester Basic Shopping Cart 1.0 allows a remote attacker to Bypass Authentication and become Admin. 2021-07-30 7.5 CVE-2021-34165 MISC ectouch — ectouch SQL Injection Vulnerability in… Read more
-
Golang Cryptomining Worm Offers 15% Speed Boost
The latest variants of the Monero-mining malware exploit known web server bugs and add efficiency to the mining process. Read more
-
Amazon Kindle Vulnerable to Malicious EBooks
Prior to a patch, a serious bug could have allowed attackers to take over Kindles and steal personal data. Read more
-
Ivanti Releases Security Update for Pulse Connect Secure
Original release date: August 6, 2021 Ivanti has released Pulse Connect Secure system software version 9.1R12 to address multiple vulnerabilities an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review Ivanti’s Security Advisory SA44858 and apply the necessary update. This product is provided subject to this Notification and… Read more
-
Critical Cisco Bug in VPN Routers Allows Remote Takeover
Security researchers warned that at least 8,800 vulnerable systems are open to compromise. Read more
-
Pulse Secure Releases Security Update for Pulse Secure Connect
Original release date: August 6, 2021 Pulse Secure has released Pulse Secure Connect system software version 9.1R12 to address multiple vulnerabilities an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review Pulse Secure’s Security Advisory SA44858 and apply the necessary update. This product is provided subject to this… Read more
-
Zoom Settlement: An $85M Business Case for Security Investment
Zoom’s security lesson over end-to-end encryption shows the costs of playing cybersecurity catchup. Read more