It’s déjà vu all over again! New month, new Chrome zero-day bug being exploited in the wild.Read More Another Chrome zero-day exploit – so get that update done!
We’re sticking to our “patch early, peath often” mantra, although in this case it means you can’t jailbreak.Read More How (NOT?!) to jailbreak your iPhone
Salt is one of the largest open source communities in the world, based on automation and Infrastructure management. A vulnerability, named CVE-2020-28243, was identified as a privilege escalation bug impacting SaltStack Salt minions. This allowed an un…Read More A Minion Privilege Escalation Exploit was Fixed in SaltStack Project
The day after VMware released fixes for a critical RCE flaw (CVE-2021-21972) found in a default vCenter Server plugin, opportunistic attackers began searching for publicly accessible vulnerable systems. We’ve detected mass scanning activity targeting vulnerable VMware vCenter servers (https://t.co/t3Gv2ZgTdt). Query our API for “tags=CVE-2021-21972” for relevant indicators and source IP addresses. #threatintel https://t.co/AcSZ40U5Gp — Bad Packets (@bad_packets) February 24, 2021 “In our opinion, the RCE vulnerability in the vCenter Server can pose no less a … More
The post Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP! appeared first on Help Net Security.Read More Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP!
Latest episode – listen now!Read More S3 Ep21: Cryptomining clampdown, the 100-ton man, and ScamClub ads [Podcast]
Stay away from popup surveys that want personal data. Tell your friends…Read More “ScamClub” gang outed for exploiting iPhone browser bug to spew ads
NIST logged more than 18,000 vulnerabilities in 2020, over 10,000 of which were critical or high severity – an all-time high. Redscan’s analysis looks beyond severity scores, detailing the rise of low complexity vulnerabilities as well as those which r…Read More 57% of vulnerabilities in 2020 were classified as critical or high severity
Businesses and consumers are relying on the voice call more than ever during the pandemic with voice traffic up 184% in 2020 compared to 2019, according to a Hiya report. Phone scams However, this increase in voice calls is being exploited by scammers …Read More Nearly 40% of consumers lost money to phone scams in 2020
U.S.-based cloud solutions company Accellion will soon retire FTA, its legacy enterprise file-sharing solution, vulnerabilities in which have recently been exploited by attackers to breach a variety of organizations, including the Australian Securities…Read More Accellion to retire enterprise file-sharing product targeted in recent attacks
Latest episode (includes 111,848 “free” cups of coffee) – listen now!Read More S3 Ep19: Chrome zero-day, coffee hacking and Perl.com stolen [Podcast]
Patch early, patch often. In fact, patch now if you haven’t already. Here’s why.Read More Patch now to stop hackers blindly crashing your Windows computers
Latest Naked Security Live talk – watch now!Read More Naked Security Live – Jargonbuster: Bugs, vulns, 0-days and exploits
This zero-day bug affects Chrome, as well as Edge and other Chromium-based browsers.Read More Chrome zero-day browser bug found – patch now!
New episode – listen now!Read More S3 Ep18: Apple emergency, crypto blunder and botnet takedown [Podcast]