Vulnerabilities
Security Boulevard’s 5 Most Read Stories for the Week, June 11-15
A new week, a new crop of security stories. Last week, Privacy in Public Places, Fileless Malware, Spam Bots and Fake Accounts and Cryptomining Worm MassMiner made headlines. Also, we offered some ...
Security Flaws Allow Attackers to Hijack 400 Axis Camera Models
Axis Communications, one of the largest manufacturers of video surveillance equipment in the world, has fixed critical security flaws that affect some 390 of its network camera models. The vulnerabilities were found ...
ICS Security in a Nutshell: Common Challenges and How Tripwire Can Help Overcome Them
Industrial control systems (ICS) first proliferated at a time when cybersecurity didn’t weigh heavily on organizations’ minds. Since then, there have been two significant developments in the industry. First, cybersecurity has become ...
The Shared Security Weekly Blaze – Ultrasonic Hard Drive Attacks, Dangerous USB Devices, Email Fraudsters Arrested
This is the Shared Security Weekly Blaze for June 18, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions, Silent Pocket and CISOBox. This episode ...
CVE-2018-12020: SigSpoof PGP Bug Allows Hackers to Spoof Signatures
The SigSpoof PGP Bug has been discovered to be a decade-old threat that allows hackers to spoof any user’s signatures and identity. This is a rare instance where a security issue has ...
Intel Faces Yet Another Speculative Execution Flaw in Its CPUs
As predicted by security researchers, the Meltdown and Spectre vulnerabilities announced this year were just the tip of the iceberg when it comes to security issues related to the speculative execution feature ...
CVE-2018-3665 Vulnerability Found in Intel Core and Xeon Processors
Yet another chip vulnerability has been discovered, CVE-2018-3665, which has been called Floating Point Lazy State Save/Restore. The flaw resides in Intel Core and Xeon processors, and is similar to Spectre since ...
Microsoft Fixes 11 Critical Flaws, Readies Patches for Spectre Variant 4
Microsoft has fixed 50 vulnerabilities in its products during this month’s Patch Tuesday, 11 of which are rated critical. The company has also released mitigation for the new Spectre variant announced last ...
Malicious Code Can Look Like It Has Been Signed by Apple
Security researchers just discovered a code-signing bypass vulnerability that allows malicious code to masquerade as an official Apply system file. In other words, some of the implementations of Apple’s official code-signing API ...
June Patch Tuesday – new Speculative Store Bypass fixes, Adobe vulns
June’s Patch Tuesday is lighter weight compared to previous months. In all, 51 unique CVEs are addressed, with 11 CVEs marked as Critical. Adobe also released an out-of-band update for a Flash ...
