vulnerability Archives - Help Net Security

vulnerability

Chance that flaws will ever be dealt with diminishes the longer they stick around

October 23, 2019

More than half of all security findings (56%) are fixed, but a focus on fixing new findings while neglecting aging flaws leads to increasing security debt, according to …

As car manufacturers focus on connectivity, hackers begin to exploit flaws

October 18, 2019

Car manufacturers offer more software features to consumers than ever before, and increasingly popular autonomous vehicles that require integrated software introduce security …

Researcher releases PoC rooting app that exploits recent Android zero-day

October 17, 2019

Late last month Google Project Zero researcher Maddie Stone detailed a zero-day Android privilege escalation vulnerability (CVE-2019-2215) and revealed that it is actively …

Cisco fixes serious flaws in enterprise-grade Catalyst and Aironet access points

October 17, 2019

Cisco has released another batch of security updates, the most critical of which fixes a vulnerability that could allow unauthenticated, remote attackers to gain access to …

Microsoft NTLM vulnerabilities could lead to full domain compromise

October 10, 2019

Preempt researchers have discovered two vulnerabilities that may allow attackers to bypass a number of protections and mitigations against NTLM relay attacks and, in some …

Critical command execution vulnerability in iTerm2 patched, upgrade ASAP!

October 10, 2019

A critical vulnerability (CVE-2019-9535) in iTerm2, a macOS terminal emulator frequently used by developers and system administrators, could allow attackers to take control of …

Cybercrime is maturing, shifting its focus to larger and more profitable targets

October 10, 2019

Cybercrime is continuing to mature and becoming more and more bold, shifting its focus to larger and more profitable targets as well as new technologies. Data is the key …

October 2019 Patch Tuesday: A small batch of updates from Microsoft, none from Adobe

October 9, 2019

As predicted by Ivanti’s Chris Goettl, October 2019 Patch Tuesday came with a relatively small number of Microsoft updates and, curiously enough, with no security …

Cisco closes high-impact vulnerabilities in its security offerings

October 7, 2019

Cisco has fixed 18 high-impact vulnerabilities affecting several of its security offerings and is advising administrators to test and implement the offered security updates as …

Insider threats are security’s new reality: Prevention solutions aren’t working

October 7, 2019

Insider threats expose companies to breaches and put corporate data at risk. New research from Code42 questions whether the right data security solutions are being funded and …

Unpatched Android flaw exploited by attackers, impacts Pixel, Samsung, Xiaomi devices

October 4, 2019

A privilege escalation vulnerability affecting phones running Android 8.x and later is being leveraged by attackers in the wild, Google has revealed. Interestingly enough, the …

Enterprises leaving themselves vulnerable to cyberattacks by failing to prioritize PKI security

October 4, 2019

IoT is one of the fastest growing trends in technology today, yet enterprises are leaving themselves vulnerable to dangerous cyberattacks by failing to prioritize PKI …