Rss Bot

Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently selling at least compromised 250,000 databases. View the full article

A series of bugs, patched in September, still allow remote code execution by attackers. View the full article

From eCommerce threats, to attacks at the smart edge, Fortinet researchers discuss the top evolving threats of 2020, heading into the new year. View the full article

Ransomware attacks targeting hospitals have exacted a human cost as well as financial. View the full article

Valve fixed critical bugs in its Steam gaming client, which is a platform for popular video games like Counter Strike: Global Offensive, Dota2 and Half Life. View the full article

As just one symptom, 83 percent of the Top 30 U.S. retailers have vulnerabilities which pose an “imminent” cyber-threat, including Amazon, Costco, Kroger and Walmart. View the full article

Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the groups latest effort against military and government targets. View the full article

Critical vulnerabilities discovered by Digital Defense can allow attackers to gain root access and take over devices running same firmware. View the full article

Google updates its mobile OS, fixing ten critical bugs, including one remote code execution flaw. View the full article

Nine critical bugs and 58 overall fixes mark the last scheduled security advisory of 2020. View the full article

A CISA alert is flagging a critical default credentials issue that affects 100+ types of devices found in hospitals, from MRI machines to surgical imaging. View the full article

Adobe fixed three critical-severity flaws in Adobe Prelude, Adobe Experience Manager and Adobe Lightroom. View the full article

A new set of vulnerabilities has been discovered affecting millions of routers and IoT and OT devices from more than 150 vendors, new research warns. View the full article

Feds are warning that adversaries are exploiting a weeks-old bug in VMware’s Workspace One Access and VMware Identity Manager products. View the full article

As hackers put a bullseye on healthcare, Threatpost spotlights how hospitals, researchers and patients have been affected and how the sector is bolstering their cyber defenses. View the full article

In the early fog of the COVID-19 pandemic, cybersecurity took a back seat to keeping patients alive. Lost in the chaos was IT security. View the full article

The high-severity cross-site scripting flaws could allow remote-code injection on QNAP NAS systems. View the full article

Desktop versions of the browser received a total of eight fixes, half rated high-severity. View the full article

The skimmer steals credit-card data, using steganography to hide in plain sight in seemingly benign images. View the full article

VMware has issued a full patch and revised the severity level of the NSA-reported vulnerability to "important." View the full article

A new "TrickBoot" module scans for vulnerable firmware and has the ability to read, write and erase it on devices. View the full article

Lookout's Hank Schless discusses accelerated threats to mobile endpoints in the age of COVID-19-sparked remote working. View the full article

Patches for a flaw (CVE-2020-8913) in the Google Play Core Library have not been implemented by several popular Google Play apps, including Cisco Teams and Edge. View the full article

The feds have seen ongoing cyberattacks on think-tanks (bent on espionage, malware delivery and more), using phishing and VPN exploits as primary attack vectors. View the full article

CISA warns the leading enterprise document management platform is open to attack and urges companies to apply fixes. View the full article