Zoom defends use of local web server on Macs after security report

Zoom defends use of local web server on Macs after security report

The very least that a user can do to protect themselves. Video conferencing company Zoom has defended its use of a local web server on…

View More Zoom defends use of local web server on Macs after security report
Critical flaws in embedded TCP/IP library impact millions of IoT devices across industries

Critical flaws in embedded TCP/IP library impact millions of IoT devices across industries

Millions of devices, from consumer products like printers and IP cameras to specialized devices used across organizations such as video conferencing systems and industrial control…

View More Critical flaws in embedded TCP/IP library impact millions of IoT devices across industries
How does the CVE scoring system work?

How does the CVE scoring system work?

Have you ever wondered how vulnerabilities are scored? Here’s a simplified explanation for an overly complex system.   Metrics The first thing to understand is…

View More How does the CVE scoring system work?
Attack Surface Area Larger Than Most Businesses Believe

Attack Surface Area Larger Than Most Businesses Believe

Workers are not the only outside-the-perimeter security risk. Companies have a variety of vulnerable Internet-facing resources exposing their business to risk, study finds. Companies focused…

View More Attack Surface Area Larger Than Most Businesses Believe
Recent Firefox’s Zero-Day Flaw Was Used in Attacks Against Coinbase’s Employees

Recent Firefox’s Zero-Day Flaw Was Used in Attacks Against Coinbase’s Employees

The recent Firefox’s zero-day security flaw was used in attacks against major crypto exchange and wallet service Coinbase, according to a tweet from Coinbase security…

View More Recent Firefox’s Zero-Day Flaw Was Used in Attacks Against Coinbase’s Employees
Consumers Urged to Junk Insecure IoT Devices

Consumers Urged to Junk Insecure IoT Devices

More than 2 million connected security cameras, baby monitors and other IoT devices have serious vulnerabilities that have been publicly disclosed for more than two…

View More Consumers Urged to Junk Insecure IoT Devices
Update your Firefox browser now, there’s an emergency patch you’ll want

Update your Firefox browser now, there’s an emergency patch you’ll want

Are you running Firefox version 67.0.3 or Firefox ESR 60.7.1? If the answer is “no,” or you’re not sure, maybe just update your web browser…

View More Update your Firefox browser now, there’s an emergency patch you’ll want
Disgruntled security firm discloses zero-days in Facebook's WordPress plugins

Disgruntled security firm discloses zero-days in Facebook’s WordPress plugins

A US-based cyber-security firm has published details about two zero-days that impact two of Facebook’s official WordPress plugins. The details also include proof-of-concept (PoC) code…

View More Disgruntled security firm discloses zero-days in Facebook’s WordPress plugins
Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall

Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall

Users of a widely used firewall from Sophos have been under a zero-day attack that was designed to steal usernames, cryptographically protected passwords, and other…

View More Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall
Single Malicious GIF Opened Microsoft Teams to Nasty Attack

Single Malicious GIF Opened Microsoft Teams to Nasty Attack

Microsoft has fixed a subdomain takeover vulnerability in its collaboration platform Microsoft Teams that could have allowed an inside attacker to weaponize a single GIF…

View More Single Malicious GIF Opened Microsoft Teams to Nasty Attack