Vulnerabilities

Linux Ransomware: What You Need to Know to Stay Safe

Ransomware is a sophisticated form of file-encrypting malware that attacks the victim’s data and locks it. The attacker then demands that the victim pays a ransom ranging from hundreds to thousands of dollars so that his/her files can be restored. The main targets for ransomware creators are businesses, schools, hospitals, and various government institutions. The…

Chrome 83 Offers Improved Mobile Browsing, New Security and Privacy Controls

Google published Chrome 83 this week to the stable channel with patches for a total of 38 bugs, enhanced Safe Browsing support, and revised security and privacy controls. The newly introduced Enhanced Safe Browsing protection in Chrome is intended to provide users with a higher degree of security while browsing the web, by increasing protection…

Bluetooth Vulnerability Allows Previously Paired Devices to be Impersonated by Attackers

Researchers have discovered that a weakness associated with pairing in Bluetooth Basic Rate / Enhanced Data Rate (BR / EDR) connections could be exploited to impersonate a previously paired unit. The security vulnerability allows an attacker to spoof the Bluetooth address of a previously bonded remote device within the Bluetooth range of an affected device…

Zero Day Initiative Researchers Publish Five Windows Zero Days

Security researchers working with the Zero Day Initiative (ZDI) of Trend Micro have released information on five unpatched vulnerabilities in Microsoft Windows, including four that were considered high risk. The first three of these zero-day vulnerabilities could enable an attacker to escalate privileges on the affected device, tracked as CVE-2020-0916, CVE-2020-0986 and CVE-2020-0915, and featuring…

4,000 Android apps on Google Play Expose User Data

Firebase is a 2011 product of both mobile and web applications by Firebase, Inc. It was later purchased by Google in 2014. The Firebase provides various server analytics, authentication, databases, setup, file storage, push messaging and more. Many of these services are stored in the cloud and can be conveniently used. More than 30 percent…

Hackers can use Product Review Plugin to Inject Code into WordPress Sites

A flaw recently discussed in the WP Product Review Lite WordPress plugin could be misused to hack websites by unauthenticated attackers. WP Product Review Lite is designed to create reviews of products on WordPress websites. It supports the creation of a top rating widget for the goods and also allows for monetization by inserting a…

What is the Common Vulnerability Scoring System?

A vulnerability is any aspect of a design , architecture or configuration of a device that allows cyber criminals to conduct attacks, manipulate services, and steal data. There are various methods available for rating vulnerabilities to assess their risk level. The Common Vulnerability Scoring System (CVSS) is the industry standard most used for this purpose….

Complete Guide to the Best Device Security Protocols

Nowadays BYOD onboarding activities are being followed by staff, consumers and stakeholders at all levels. Luckily, businesses are completely able to limit access to the network before customers are accepted. When a user takes home a tablet, phablet, laptop, or smartphone and tries to connect to a Wi-Fi network, such links may be diverted to…

SAP Security Updates May 2020 Include Six Essential Patches

SAP’s May 2020 Security Patch Day updates, published Tuesday by the company, include a total of 18 Security Notes and 4 updates to previous Notes, six of which are classified as Hot News. The most important of the Notes addresses a vulnerability to code injection in NetWeaver Application Server ABAP. Tracked as CVE-2020-6262 and featuring…

Why Endpoint Protection is Vital

Endpoint defense is a critical part of every robust security programme. Often known as protection for endpoints. However, both words apply to the same protection solution that protects network endpoints from: Attacks Zero-day exploits Human error Data leaks Why is the endpoint security critical It is a common misconception that anti-virus programs can avoid targeted…