Our news

Ekaterina Kilyusheva, head of the Information Security Analytics Research Group at Positive Technologies, offers a blueprint for locking up the fortress.

READ MORE →

Original release date: September 27, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Back to top   Medium Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info ffmpeg — ffmpeg Buffer Overflow vulnerability in function…

READ MORE →

Original release date: September 24, 2021 On September 21, 2021, VMware disclosed that its vCenter Server is affected by an arbitrary file upload vulnerability—CVE-2021-22005—in the Analytics service. A malicious cyber actor with network access to port 443 can exploit this vulnerability to execute code on vCenter Server. On September 24, 2021, VMware confirmed reports that…

READ MORE →

Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came through to credential-trapping domains in clear text.

READ MORE →

Unauthenticated cyberattackers can also wreak havoc on networking device configurations.

READ MORE →

One of the bugs, which affects macOS as well as older versions of iPhones, could allow an attacker to execute arbitrary code with kernel privileges.

READ MORE →

Casey Ellis, founder, CTO and chairman of Bugcrowd, discusses a roadmap for lowering risk from cyberattacks most effectively.

READ MORE →

A high-severity vulnerability could cause system crashes, knocking out sensors, medical equipment and more.

READ MORE →

A custom “SparrowDoor” backdoor has allowed the attackers to collect data from targets around the globe.

READ MORE →

The issue lies in a parental-control function that’s always enabled by default, even if users don’t configure for child security.

READ MORE →