Microsoft warns about Internet Explorer zero-day, but no patch yet

Microsoft warns about Internet Explorer zero-day, but no patch yet

Microsoft has published a security advisory today about an Internet Explorer (IE) vulnerability that is currently being exploited in the wild — a so-called zero-day.…

View More Microsoft warns about Internet Explorer zero-day, but no patch yet
Microsoft Patches Windows Vuln Discovered by the NSA

Microsoft Patches Windows Vuln Discovered by the NSA

The National Security Agency is publicly acknowledged for its finding and reporting of CVE-2020-0601, marking the start of what it says is a new approach…

View More Microsoft Patches Windows Vuln Discovered by the NSA
New vulnerability lets attackers sniff or hijack VPN connections

New vulnerability lets attackers sniff or hijack VPN connections

Academics have disclosed this week a security flaw impacting Linux, Android, macOS, and other Unix-based operating systems that allows an attacker to sniff, hijack, and…

View More New vulnerability lets attackers sniff or hijack VPN connections
SQL Injection Errors No Longer the Top Software Security Issue

SQL Injection Errors No Longer the Top Software Security Issue

SQL injection errors are no longer considered the most severe or prevalent software security issue. Replacing it at the top of the Common Weakness Enumeration…

View More SQL Injection Errors No Longer the Top Software Security Issue
More critical Remote Desktop flaws expose Windows systems to hacking

More critical Remote Desktop flaws expose Windows systems to hacking

Microsoft has identified and patched several vulnerabilities in the Windows Remote Desktop Services (RDS) component — formerly known as Terminal Services — which is widely…

View More More critical Remote Desktop flaws expose Windows systems to hacking
New Vulnerability Risk Model Promises More-Efficient Security

New Vulnerability Risk Model Promises More-Efficient Security

Vulnerabilities happen. There’s nothing new or mysterious about that. Neither is there mystery around the fact that something must be done to address vulnerabilities. But…

View More New Vulnerability Risk Model Promises More-Efficient Security
Urgent11 Security Flaws Impact Routers, Printers, SCADA, And Many IoT Devices

Urgent11 Security Flaws Impact Routers, Printers, SCADA, And Many IoT Devices

Security researchers have disclosed details today about 11 vulnerabilities known collectively as “Urgent11” that impact a wide range of devices, from routers to medical systems,…

View More Urgent11 Security Flaws Impact Routers, Printers, SCADA, And Many IoT Devices
VideoLAN's VLC Media Player Has Serious Flaw

VideoLAN’s VLC Media Player Has Serious Flaw

The latest edition of nonprofit VideoLAN’s VLC media player software has what Germany agency CERT-Bund is calling a serious security flaw that allows hackers to…

View More VideoLAN’s VLC Media Player Has Serious Flaw
How does the CVE scoring system work?

How does the CVE scoring system work?

Have you ever wondered how vulnerabilities are scored? Here’s a simplified explanation for an overly complex system.   Metrics The first thing to understand is…

View More How does the CVE scoring system work?
A backdoor in Optergy tech could remotely shut down a smart building ‘with one click’

A backdoor in Optergy tech could remotely shut down a smart building ‘with one click’

Homeland Security has given the maximum severity score for a vulnerability in a popular smart building automation system. Optergy’s Proton allows building owners and managers…

View More A backdoor in Optergy tech could remotely shut down a smart building ‘with one click’