Cybersecurity, AMNESIA:33 hit open source TCP/IP stacks
Forescout: It’s a group of 33 vulnerabilites in IoT and embedded devices, caused by memory management bugs. Pay attention!
Cybercrime, WordPress hit by waves of attacks targeting Epsilon Framework themes
Wordfence cybersecurity experts: They exploit Function Injection and other older vulnerabilities, The aggressions seem to search flaws.
Cyber Security, Microsoft fixes urgently two Codec vulnerabilities
They are the CVE-2020-1425 and the CVE-2020-1457, and affects Library on several Windows 10 and Windows Server versions. Up to date, there aren’t any alternative mitigating measures.
Cyber Security, Microsoft fixes 129 product vulnerabilities at once
Eleven were critical, but none of them has been exploited by cybercrime. SecurityAffairs: One was located in the Server Message Block (SMB) protocol, and dubbed SMBleed.
Cyber Security, two new medium vulnerabilities on Linux Kernel
They allow an actor to perform a denial of service (DoS) attack. The first one at local level, the second one by remote. Install the updates to mitigate the risks!
Cybercrime, Salt servers hacked thanks to two flaws
The Cyber Security Experts: The attackers used CVE-2020-11651 and CVE-2020-11652 to install backdoors and cryptominers. More than 6,000 devices could be compromised.
Cyber security, two serious vulnerabilities in billion chips discovered
Worcester Polytechnic Institute (WPI) cyber security researchers: affected chips made by Intel and STMicroelectronics. Side-channel attacks could have caused cryptographic keys steal.
Cyber Security, spending increase 24% and there is a 17% rise in attacks
A ServiceNow-Ponemon study: Major data breaches continue to dominate, and almost 48% of organizations have had a data breach in past two years. Vulnerability is the main issue.
Swanscan and Adobe fix together 5 dangerous flaws in the SandBox
The platform’s experts discovered the vulnerabilities, then cooperated with the multinational in a good example of companies-vendors Cyber Security Teamwork.
53 new critical Adobe Reader vulnerabilities discovered thanks to Fuzzers
Check Point cyber security experts performed a 50-day experiment with WinAFL. The automatic vulnerability-finding tools use is increasing against cyber threats.