vulnerability
SaltStack Salt vulnerabilities actively exploited by attackers, patch ASAP!
Two vulnerabilities in SaltStack Salt, an open-source remote task and configuration management framework, are being actively exploited by attackers, CISA warns. About …
Adobe fixes critical flaws in Magento, Adobe Illustrator and Bridge
Adobe has pushed out security updates fixing critical flaws in Magento Commerce, Open Source Enterprise and Community editions, Adobe Illustrator 2020 for Windows, and Adobe …
Massive work-from-home movement exposes cybersecurity weaknesses
News coverage of the recent uptick in cyber threat activity is showing an incomplete picture. Despite the focus on VPN hacks and attacks at home, computers at more than 50,000 …
Update MS Office, Paint 3D to plug RCE vulnerabilities
A week after the April 2020 Patch Tuesday, Microsoft has released out-of-band security updates for its Office suite, to fix a handful of vulnerabilities that attackers could …
Starbleed vulnerability: Attackers can gain control over FPGAs
Field Programmable Gate Arrays, FPGAs for short, are flexibly programmable computer chips that are considered very secure components in many applications. Starbleed …
Surge in remote working reveals concerns around unprotected endpoints
Millions of US businesses forced to rapidly support home working for employees are facing significant challenges to securely manage their IT networks. New research from Tanium …
Using Cisco IP phones? Fix these critical vulnerabilities
Cisco has released another batch of fixes for a number of its products. Among the vulnerabilities fixed are critical flaws affecting a variety of Cisco IP phones and Cisco UCS …
April 2020 Patch Tuesday: Microsoft fixes three actively exploited vulnerabilities
For the April 2020 Patch Tuesday, Adobe plugs 5 flaws and Microsoft 113, three of which are currently being exploited by attackers. Adobe’s updates On this Patch …
VMware plugs critical flaw in vCenter Server, patch ASAP!
VMware has fixed a critical vulnerability (CVE-2020-3952) affecting vCenter Server, which can be exploited to extract highly sensitive information that could be used to …
Shift to work-from-home: Most IT pros worried about cloud security
As most companies make the rapid shift to work-from-home to stem the spread of COVID-19, a significant percentage of IT and cloud professionals are concerned about maintaining …
Actively exploited MS Exchange flaw present on 80% of exposed servers
Attackers looking to exploit CVE-2020-0688, a critical Microsoft Exchange flaw patched by Microsoft in February 2020, don’t have to look hard to find a server they can …
Cybercrime and disinformation during the pandemic
Cybercrime is evolving since criminals have been quick to seize opportunities to exploit the pandemic by adapting their tactics and engaging in new criminal activities. …
Featured news
Resources
Don't miss
- Gainsight breach: Salesforce details attack window, issues investigation guidance
- New “HashJack” attack can hijack AI browsers and assistants
- Heineken CISO champions a new risk mindset to unlock innovation
- Small language models step into the fight against phishing sites
- Black Friday 2025 for InfoSec: How to spot real value and avoid the noise