Nvidia Squashes High-Severity Jetson DoS Flaw
If exploited, the most serious of these flaws could lead to a denial-of-service condition for Jetson products.
Author Archives: Lindsey O'Donnell
Criminal, Domestic Violence Case Info Exposed in Cook County Leak
Cook County, Ill., home to Chicago, has left a database exposed since at least September that contained sensitive criminal and family-court records.
TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks
A security flaw in TikTok could have allowed attackers to query query the platform's database – potentially opening up for privacy violations.
Breaking Down Joe Biden’s $10B Cybersecurity ‘Down Payment’
Tom Kellermann, head of cybersecurity strategy for VMware Carbon Black, talks about the top security challenges facing the US government as a new presidential administration steps in.
SonicWall Breach Stems from ‘Probable’ Zero-Days
The security vendor is investigating potential zero-day vulnerabilities in its Secure Mobile Access (SMA) 100 series.
Microsoft Edge, Google Chrome Roll Out Password Protection Tools
The new tools on Chrome and Edge will make it easier for browser users to discover - and change - compromised passwords.
Ransomware Attackers Publish 4K Private Scottish Gov Agency Files
Up to 4,000 stolen files have been released by hackers who launched a ransomware attack against the Scottish Environmental Protection Agency on Christmas Eve.
SQL Server Malware Tied to Iranian Software Firm, Researchers Allege
Researchers have traced the origins of a campaign - infecting SQL servers to mine cryptocurrency - back to an Iranian software firm.
Google Forms Set Baseline For Widespread BEC Attacks
Researchers warn that attackers are collecting reconnaissance for future business email compromise attacks using Google Forms.
Critical Cisco SD-WAN Bugs Allow RCE Attacks
Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite.
Investment Scammers Prey on Dating App Users, Interpol Warns
Users of dating apps - like Tinder, Match and Bumble - should be on the lookout for investment-fraud scammers.
DNSpooq Flaws Allow DNS Hijacking of Millions of Devices
Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution.
Linux Devices Under Attack by New FreakOut Malware
The FreakOut malware is adding infected Linux devices to a botnet, in order to launch DDoS and cryptomining attacks.
Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’
Starting Feb. 9, Microsoft will enable Domain Controller “enforcement mode” by default to address CVE-2020-1472.
Apple Kills MacOS Feature Allowing Apps to Bypass Firewalls
Security researchers lambasted the controversial macOS Big Sur feature for exposing users' sensitive data.
Facebook: Malicious Chrome Extension Developers Scraped Profile Data
Facebook has sued two Chrome devs for scraping user profile data - including names, user IDs and more.
Telegram Bots at Heart of Classiscam Scam-as-a-Service
The cybercriminal service has scammed victims out of $6.5 million and continues to spread on Telegram.
High-Severity Cisco Flaw Found in CMX Software For Retailers
Cisco fixed high-severity flaws tied to 67 CVEs overall, including ones found inits AnyConnect Secure Mobility Client and in its RV110W, RV130, RV130W, and RV215W small business routers.