Application Security Security Bloggers Network Vulnerabilities

CVE-2018-7602 Highly Critical Drupal Bug Actively Exploited in the Wild

by Milena Dimitrova on April 26, 2018

Drupalgeddon continues with one more remote code execution bug has been discovered in content management system. Identified as CVE-2018-7602, the highly critical vulnerability affects Drupal versions 7.x and 8.x. Affected users should immediately upgrade to Drupal v7.59 and 8.5.3. The...Read more The post CVE-2018-7602 Highly Critical Drupal Bug Actively Exploited in the Wild appeared first on How to, Technology and PC Security Forum | SensorsTechForum.com.
Read more

Cyberlaw Featured Network Security News Security Boulevard (Original) Spotlight Vulnerabilities

Police Shut Down Largest DDoS-for-Hire Marketplace

by Lucian Constantin on April 25, 2018

A large marketplace that allowed users to rent distributed denial-of-service (DDoS) infrastructure from hackers has been shut down following a global law enforcement operation led by police agencies from the Netherlands and the UK. Known as webstresser.org, the marketplace had 136,000 registered users and was responsible for around 4 million attacks to date, according to..
Read more

Security Bloggers Network Threats & Breaches Vulnerabilities

Cyber Scorecarding Services

by Gunter Ollmann on April 25, 2018

Ample evidence exists to underline that shortcomings in a third-parties cyber security posture can have an extremely negative effect on the security integrity of the businesses they connect or partner with. Consequently, there’s been a continuous and frustrated desire for a couple of decades for some kind of independent verification or scorecard mechanism that can help primary organizations validate and quantify the overall security posture of the businesses they must electronically engage with.A couple decades ago organizations could host a small clickable logo on their websites – often depicting a tick or permutation of a “trusted” logo – that...
Read more

DevOps Featured Network Security News Security Boulevard (Original) Spotlight Vulnerabilities

Get Ready for Another Critical Drupal Patch Related to Drupalgeddon2

by Lucian Constantin on April 24, 2018

Developers of the popular Drupal content management system plan to release a critical out-of-band patch April 25 that’s related to the actively exploited Drupalgeddon2 vulnerability fixed late last month. “There will be a security release of Drupal 7.x, 8.4.x, and 8.5.x on April 25th, 2018 between 16:00 – 18:00 UTC,” the Drupal developers said in..
Read more

Endpoint Featured Malware News Security Boulevard (Original) Spotlight Vulnerabilities

Internet Explorer Zero-Day Exploit Reportedly Exploited in Targeted Attacks

by Lucian Constantin on April 23, 2018

Researchers from Chinese internet security firm Qihoo 360 have uncovered a sophisticated targeted attack which, according to them, exploits an unpatched vulnerability in Microsoft’s Internet Explorer browser. The company made the announcement in a short Twitter message and said that it shared technical details about the flaw with Microsoft. A bit more information about the..
Read more

Cybersecurity Featured Malware Mobile Security Most Read This Week News Security Boulevard (Original) Spotlight Threats & Breaches Vulnerabilities

Security Boulevard’s 5 Most Read Stories for the Week, April 16-20

by Saleem Padani on April 23, 2018

A new week, a new crop of security stories. Last week, sophisticated attackers, desktop security, healthcare data breaches and data security in GDPR made headlines, as well as Multi-Factor Authentication featured in the our latest cartoon series called, “Shimmytoons.” Missed out on any of the news? Here are the five most-read stories on Security Boulevard to help you out.
Read more

Security Bloggers Network Vulnerabilities

The Standoff, Google’s Project Zero & Microsft’s Unpatched Windows 10 Bypass

by Marc Handelman on April 22, 2018

Alert the Media! We're Going Public With The Lockout Bypass Flaw! Liam Tung, writing at ZDNet, regales us with a brief soliloquy on Microsoft Corporation's ((NASDAQ: MSFT) unpatched Windows 10 Lockdown...
Read more

Application Security Featured News Security Boulevard (Original) Spotlight Vulnerabilities

Oracle Fixes Critical Vulnerabilities in Business Applications

by Lucian Constantin on April 21, 2018

Oracle has released a new quarterly critical patch update (CPU) for its product portfolio, fixing 254 vulnerabilities across 20 product families. More than two-thirds of those flaws are located in business-critical applications and 42 are rated critical. According to security firm Onapsis, the business applications with critical vulnerabilities include Communications Applications, Financial Services, Fusion Middleware,..
Read more

Security Bloggers Network Vulnerabilities

Autofill with LinkedIn Bug Could Lead to User Data Harvesting

by Milena Dimitrova on April 20, 2018

A critical security bug has been discovered in LinkedIn, more specifically in a social button. The exploit of the bug could have led to harvesting of LinkedIn users’ information, including information that wasn’t public. The discovery was made by Jack...Read more The post Autofill with LinkedIn Bug Could Lead to User Data Harvesting appeared first on How to, Technology and PC Security Forum | SensorsTechForum.com.
Read more

Endpoint News Security Boulevard (Original) Vulnerabilities

Widely Used WebEx Clients Have Critical Vulnerability

by Lucian Constantin on April 19, 2018

Cisco Systems has released security updates for the software clients installed by users who attend WebEx-based meetings to fix a critical vulnerability that could allow remote attackers to compromise their computers. “An attacker could exploit this vulnerability by providing meeting attendees with a malicious Flash (.swf) file via the file-sharing capabilities of the client,” Cisco..
Read more

Page 1 of 1712 3 4 5...10...»Last »