Sep
25

Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability

Google on Friday rolled out an emergency security patch to its Chrome web browser to address a security flaw that's known to have an exploit in the wild.
Tracked as CVE-2021-37973, the vulnerability...

Sep
25

SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices

Network security company SonicWall has addressed a critical security vulnerability affecting its Secure Mobile Access (SMA) 100 series appliances that can permit remote, unauthenticated attackers to gain administrator access on targeted...

Sep
25

A New APT Hacker Group Spying On Hotels and Governments Worldwide

A new advanced persistent threat (APT) has been behind a string of attacks against hotels across the world, along with governments, international organizations, engineering companies, and law firms.
Slovak cybersecurity firm ESET...

Sep
24

What Is the Difference Between Security and Resilience?

Resilience shifts the focus toward eliminating the probable impact of the full attack chain....

Sep
24

Consumers Share Security Fears as Risky Behaviors Persist

While most US adults know they aren't sufficiently protecting their data online, many find security time-consuming or don't know the steps they should take....

Sep
24

TangleBot Campaign Underscores SMS Threat

The attack targets Android devices and starts with a malicious SMS message that aims to bring malware onto compromised devices....

Sep
24

Apple's New iCloud Private Relay Service Leaks Users' Real IP Addresses

A new as-yet unpatched weakness in Apple's iCloud Private Relay feature could be circumvented to leak users' true IP addresses from iOS devices running the latest version of the operating system.
Introduced...

Sep
24

Google Warns of a New Way Hackers Can Make Malware Undetectable on Windows

Cybersecurity researchers have disclosed a novel technique adopted by threat actors to deliberately evade detection with the help of malformed digital signatures of its malware payloads. "Attackers created malformed code signatures...

Sep
24

Cisco Releases Patches 3 New Critical Flaws Affecting IOS XE Software

Networking equipment maker Cisco Systems has rolled out patches to address three critical security vulnerabilities in its IOS XE network operating system that remote attackers could potentially abuse to execute arbitrary...

Sep
23

Urgent Apple iOS and macOS Updates Released to Fix Actively Exploited Zero-Days

Apple on Thursday released security updates to fix multiple security vulnerabilities in older versions of iOS and macOS that it says have been detected in exploits in the wild, in addition to expanding patches for...

Sep
23

Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials

An unpatched design flaw in the implementation of Microsoft Exchange's Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide. "This is a...

Sep
23

A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit

Security researchers have disclosed an unpatched weakness in Microsoft Windows Platform Binary Table (WPBT) affecting all Windows-based devices since Windows 8 that could be potentially exploited to install a rootkit and...