vulnerability

Dell SonicWALL GMS comes with hidden default account
While developing new audit modules for the company’s vulnerability scanning technology, Digital Defense researchers found six vulnerabilities in Dell’s SonicWALL …

Vulnerabilities affecting SAP HANA and SAP Trex put 10,000 customers at risk
Onapsis released new security advisories detailing vulnerabilities in SAP HANA and SAP Trex. Included in the advisories is a critical risk vulnerability that could be used to …

Cisco plugs critical flaw in data center operations management solution
Cisco has patched another critical vulnerability in its Unified Computing System Performance Manager software. Cisco UCS Performance Manager is a data center operations …

Oracle splats 276 bugs with mammoth Critical Patch Update
In case you missed it, Oracle’s July 2016 Critical Patch Update is out, and it’s bigger than ever before. It plugs 276 security issues across hundreds of Oracle …

Slew of WP-based business sites compromised to lead to ransomware
If an approach works well, there is no reason to change tack, and the masters of the SoakSoak botnet are obviously of the same belief. A year and a half after they have been …

Flawed code hooking engines open endpoints to compromise
Six common security issues stemming from the incorrect implementation of code hooking and injection techniques have been unearthed by EnSilo researchers in over 15 different …

Widespread httpoxy vulnerabilities affect server-side web apps
A new, branded set of vulnerabilities has been revealed by security researchers, this time responsibly and without too much fanfare. The collective name given to the …

How to steal money from Instagram, Google and Microsoft
Some account options deployed by Instagram, Google and Microsoft can be misused to steal money from the companies by making them place phone calls to premium rate numbers, …

Compromised Joomla sites are foisting ransomware on visitors
Administrators of WP and Joomla sites would do well to check for specific fake analytics code injected into their properties, as a ransomware delivery campaign taking …

Microsoft splats bug that turns printers into drive-by exploit kits
In this month’s Patch Tuesday, Microsoft has released 11 sets of patches – 6 “critical” and 5 “important.” The good news is that none of …

BMW ConnectedDrive flaws could be misused to tamper with car settings
Security researcher Benjamin Kunz Mejri has found two vulnerabilities in the BMW ConnectedDrive web portal/web application. About the vulnerabilities in BMW ConnectedDrive The …

Unsung cybersecurity vulnerabilities in US infrastructure and utilities
This past May, the Internet was abuzz about a report by the Government Accountability Office (GAO) highlighting a number of outdated “legacy systems” still in use …
Featured news
Resources
Don't miss
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
- New Microsoft accounts will be “passwordless by default”
- Why SMEs can no longer afford to ignore cyber risk
- Preparing for the next wave of machine identity growth
- Hottest cybersecurity open-source tools of the month: April 2025