Apple iOS 12.2 Patches 51 Serious Flaws

Apple patched more than 50 flaws in iOS 12.2, including an array of bugs in Webkit and a vulnerability that allows apps to secretly listen to users.

ASUS Releases Security Update for Live Update Software

Original release date: March 26, 2019 ASUS has released Live Update version 3.6.8. This version addresses vulnerabilities that a remote attacker could exploit to take control of an affected system. These vulnerabilities were detected in exploits in the wild. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ASUS article for more information. The article includes a security diagnostic tool that users can run on their device to determine whether it is affected. CISA also …
Read More »

ASUS Patches Live Update Bug That Allowed APT to Infect Thousands of PCs

If users have an impacted devices, they need to immediately run a backup of their files and restore their operating system to factory settings, said ASUS

The Melissa Virus

Two decades ago, computer viruses were still relatively new notions to most Americans, but the fast-moving and destructive Melissa virus changed that in a significant way and showed many the darker side of the web.

SB19-084: Vulnerability Summary for the Week of March 18, 2019

Original release date: March 25, 2019 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities …
Read More »

Bugs in Grandstream Gear Lay Open SMBs to Range of Attacks

Attackers can remotely compromise multiple network devices (IP PBX, conferencing gear and IP phones), installing malware and eavesdropping via video and audio functions.

Critical DoS Bug Bubbles Up in Facebook Fizz TLS 1.3 Project

Users of the open-source project should upgrade immediately.

Firefox and Edge Fall to Hackers on Day Two of Pwn2Own

Browsers Firefox and Edge take a beating on day two of the Pwn2Own competition.

Medtronic Defibrillators Have Critical Flaws, Warns DHS

The unpatched vulnerabilities exist in 20 products made by the popular Medtronics medical device manufacturer, including defibrillators and home patient monitoring systems.

WordPress Plugin Removed After Zero Day Discovered

The plugin, Social Warfare, is no longer listed after a cross site scripting flaw was found being exploited in the wild.