vulnerability
Critical command execution vulnerability in iTerm2 patched, upgrade ASAP!
A critical vulnerability (CVE-2019-9535) in iTerm2, a macOS terminal emulator frequently used by developers and system administrators, could allow attackers to take control of …
Cybercrime is maturing, shifting its focus to larger and more profitable targets
Cybercrime is continuing to mature and becoming more and more bold, shifting its focus to larger and more profitable targets as well as new technologies. Data is the key …
October 2019 Patch Tuesday: A small batch of updates from Microsoft, none from Adobe
As predicted by Ivanti’s Chris Goettl, October 2019 Patch Tuesday came with a relatively small number of Microsoft updates and, curiously enough, with no security …
Cisco closes high-impact vulnerabilities in its security offerings
Cisco has fixed 18 high-impact vulnerabilities affecting several of its security offerings and is advising administrators to test and implement the offered security updates as …
Insider threats are security’s new reality: Prevention solutions aren’t working
Insider threats expose companies to breaches and put corporate data at risk. New research from Code42 questions whether the right data security solutions are being funded and …
Unpatched Android flaw exploited by attackers, impacts Pixel, Samsung, Xiaomi devices
A privilege escalation vulnerability affecting phones running Android 8.x and later is being leveraged by attackers in the wild, Google has revealed. Interestingly enough, the …
Enterprises leaving themselves vulnerable to cyberattacks by failing to prioritize PKI security
IoT is one of the fastest growing trends in technology today, yet enterprises are leaving themselves vulnerable to dangerous cyberattacks by failing to prioritize PKI …
Educational organizations massively vulnerable to cyber attacks
The education sector is facing a crisis as schools grapple with high levels of risk exposure – driven in large part by complex IT environments and digitally savvy student …
PDFex attacks can exfiltrate content from encrypted PDF documents
Researchers from Ruhr University Bochum and Münster University of Applied Sciences have devised new attacks allowing them (and potential attackers) to recover the plaintext …
Urgent11 flaws affect more medical, industrial devices than previously thought
When, in late July, Armis researchers revealed the existence of the so-called Urgent11 vulnerabilities in Wind River’s VxWorks real-time operating system, they noted …
Vulnerability in Cisco Webex and Zoom may expose online meetings to snooping
Cequence Security’s CQ Prime Threat Research Team discovered of a vulnerability in Cisco Webex and Zoom video conferencing platforms that potentially allows an attacker to …
DevSecOps is emerging as the main methodology for securing cloud-native applications
Only 8 percent of companies are securing 75 percent or more of their cloud-native applications with DevSecOps practices today, with that number jumping to 68 percent of …
Featured news
Resources
Don't miss
- Gainsight breach: Salesforce details attack window, issues investigation guidance
- New “HashJack” attack can hijack AI browsers and assistants
- Heineken CISO champions a new risk mindset to unlock innovation
- Small language models step into the fight against phishing sites
- Black Friday 2025 for InfoSec: How to spot real value and avoid the noise