New Vulnerability Risk Model Promises More-Efficient Security

New Vulnerability Risk Model Promises More-Efficient Security

Vulnerabilities happen. There’s nothing new or mysterious about that. Neither is there mystery around the fact that something must be done to address vulnerabilities. But…

View More New Vulnerability Risk Model Promises More-Efficient Security
Urgent11 Security Flaws Impact Routers, Printers, SCADA, And Many IoT Devices

Urgent11 Security Flaws Impact Routers, Printers, SCADA, And Many IoT Devices

Security researchers have disclosed details today about 11 vulnerabilities known collectively as “Urgent11” that impact a wide range of devices, from routers to medical systems,…

View More Urgent11 Security Flaws Impact Routers, Printers, SCADA, And Many IoT Devices
VideoLAN's VLC Media Player Has Serious Flaw

VideoLAN’s VLC Media Player Has Serious Flaw

The latest edition of nonprofit VideoLAN’s VLC media player software has what Germany agency CERT-Bund is calling a serious security flaw that allows hackers to…

View More VideoLAN’s VLC Media Player Has Serious Flaw
How does the CVE scoring system work?

How does the CVE scoring system work?

Have you ever wondered how vulnerabilities are scored? Here’s a simplified explanation for an overly complex system.   Metrics The first thing to understand is…

View More How does the CVE scoring system work?
A backdoor in Optergy tech could remotely shut down a smart building ‘with one click’

A backdoor in Optergy tech could remotely shut down a smart building ‘with one click’

Homeland Security has given the maximum severity score for a vulnerability in a popular smart building automation system. Optergy’s Proton allows building owners and managers…

View More A backdoor in Optergy tech could remotely shut down a smart building ‘with one click’
Google fixes no-user-interaction bug in Android's Bluetooth component

Google fixes no-user-interaction bug in Android’s Bluetooth component

Google has patched this week a critical security flaw in Android’s Bluetooth component. If left unpatched, the vulnerability can be exploited without any user interaction…

View More Google fixes no-user-interaction bug in Android’s Bluetooth component
Hackers are hijacking smart building access systems to launch DDoS attacks

Hackers are hijacking smart building access systems to launch DDoS attacks

Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks, according to firewall company…

View More Hackers are hijacking smart building access systems to launch DDoS attacks
Cisco Webex Flaw Lets Unauthenticated Users Join Private Online Meetings

Cisco Webex Flaw Lets Unauthenticated Users Join Private Online Meetings

Cisco Systems has fixed a high-severity vulnerability in its popular Webex video conferencing platform, which could let strangers barge in on password-protected meetings – no…

View More Cisco Webex Flaw Lets Unauthenticated Users Join Private Online Meetings
Microsoft warns about Internet Explorer zero-day, but no patch yet

Microsoft warns about Internet Explorer zero-day, but no patch yet

Microsoft has published a security advisory today about an Internet Explorer (IE) vulnerability that is currently being exploited in the wild — a so-called zero-day.…

View More Microsoft warns about Internet Explorer zero-day, but no patch yet
Microsoft Patches Windows Vuln Discovered by the NSA

Microsoft Patches Windows Vuln Discovered by the NSA

The National Security Agency is publicly acknowledged for its finding and reporting of CVE-2020-0601, marking the start of what it says is a new approach…

View More Microsoft Patches Windows Vuln Discovered by the NSA