searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus

Google releases Android 13 with improved privacy and security features

Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Videos
  • Reviews
  • Events
  • Reports
  • Whitepapers
  • Industry news
  • Product showcase
  • Newsletters
  • (IN)SECURE Magazine

PoC

Get our top stories in your inbox

There are new unpatched bugs in Windows Print Spooler

July 19, 2021

Security researchers have unearthed new elevation of privilege (EoP) bugs in Windows Print Spooler, one of the oldest Windows components. Scarce details have been shared about …

PoC for critical Windows Print Spooler flaw leaked (CVE-2021-1675)

June 30, 2021

CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that …

Cisco security devices targeted with CVE-2020-3580 PoC exploit

June 29, 2021

Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software. Active attacks apparently …

Is it OK to publish PoC exploits for vulnerabilities and patches?

May 5, 2021

In the wake of the Microsoft Exchange ProxyLogon zero-day and F5 BIG-IP security exploits earlier this year, many are questioning if and when should researchers publish proof …

Using memory encryption in web applications to help reduce the risk of Spectre attacks

March 25, 2021

There’s nothing quite like an actual proof-of-concept to make everyone listen. I was pleased by the PoC released by Google security engineers Stephen Röttger and Artur Janc …

As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leak

March 15, 2021

Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon (CVE-2021-26855) and three other vulnerabilities patched by Microsoft in early …

Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP!

February 25, 2021

The day after VMware released fixes for a critical RCE flaw (CVE-2021-21972) found in a default vCenter Server plugin, opportunistic attackers began searching for publicly …

Out-of-band Drupal security updates fix bugs with known exploits

November 27, 2020

Drupal has released out-of-band security updates to fix two critical code execution flaws (CVE-2020-28948, CVE-2020-28949) in Drupal core, as “there are known exploits …

Critical vulnerabilities in Cisco Security Manager fixed, researcher discloses PoCs

November 17, 2020

Cisco has patched two vulnerabilities in its Cisco Security Manager solution, both of which could allow unauthenticated, remote attackers to gain access to sensitive …

Git LFS vulnerability allows attackers to compromise targets’ Windows systems (CVE-2020-27955)

November 5, 2020

A critical vulnerability (CVE-2020-27955) in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, allows attackers to achieve remote code …

Google discloses actively exploited Windows zero-day (CVE-2020-17087)

November 2, 2020

Google researchers have made public a Windows kernel zero day vulnerability (CVE-2020-17087) that is being exploited in the wild in tandem with a Google Chrome flaw …

Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882)

October 29, 2020

A critical and easily exploitable remote code execution vulnerability (CVE-2020-14882) in Oracle WebLogic Server is being targeted by attackers, SANS ISC has warned. Oracle …

Posts navigation

1 2 3 4 5 6 … 8

Featured news

  • Why organizations should control Active Directory permissions
  • How to manage the intersection of Java, security and DevOps at a low complexity cost
  • Tackling the dangers of internal communications: What can companies do?
Cisco has been hacked by a ransomware gang

What's new

Google releases Android 13 with improved privacy and security features

DigitalOcean customers affected by Mailchimp “security incident”

Overcoming the roadblocks to passwordless authentication

Why organizations should control Active Directory permissions

Don't miss

DigitalOcean customers affected by Mailchimp “security incident”

1,900 Signal users exposed following Twilio breach

Overcoming the roadblocks to passwordless authentication

Why organizations should control Active Directory permissions

Matter protocol: Secure, reliable interoperability for smart home devices

Help Net Security - Daily information security news with a focus on enterprise security.
Follow us
  • Features
  • News
  • Expert Analysis
  • Reviews
  • Events
  • Reports
  • Whitepapers
  • Industry news
  • Newsletters
  • Product showcase
  • Twitter

In case you’ve missed it

  • Tackling the dangers of internal communications: What can companies do?
  • The challenges of managing the modern external attack surface
  • Understanding your attack surface is key to recognizing what you are defending
  • Machine learning creates a new attack surface requiring specialized defenses

(IN)SECURE Magazine ISSUE 72 (July 2022)

  • 7 threat detection challenges CISOs face and what they can do about it
  • How to set up a powerful insider threat program
  • An offensive mindset is crucial for effective cyber defense
Read online
© Copyright 1998-2022 by Help Net Security
Read our privacy policy | About us | Advertise