Graphic: Image illustrating an exploit of a Windows CryptoAPI vulnerability using a spoofed digital certificate. image source: https://twitter.com/saleemrash1d/status/1217519809732259840/photo/1

NSA: Microsoft Releases Patch to Fix Latest Windows 10 Vulnerability

NSA discloses a Windows security flaw that leaves more than 900 million devices vulnerable to spoofed digital certificates The National Security Agency (NSA) isn’t exactly known for wanting to share... The post ...
Microsoft Patch Tuesday busts ‘NSACrypt’ vulnerability in Windows OS

Microsoft Patch Tuesday busts ‘NSACrypt’ vulnerability in Windows OS

The Cybersecurity Advisory of the National Security Agency (NSA) has recently uncovered a critical Windows CryptoAPI Spoofing Vulnerability in Windows 10 operating systems. Dubbed NSACrypt, the security flaw found in the Crypt32.dll ...
Cable Haunt vulnerability affects millions of Broadcom cable modems

Cable Haunt vulnerability affects millions of Broadcom cable modems

Cybercriminals can exploit a critical vulnerability in Broadcom chips, a hardware and software component in most of the world’s cable modems, to intercept private messages and redirect traffic, and change default DNS ...
Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)

Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)

Citrix released a security advisory (CVE-2019-19781) for a remote code execution vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The vulnerability allows an unauthenticated remote attacker to execute arbitrary ...

Citrix NetScaler CVE-2019-19781: What You Need to Know

Just before the holidays, Citrix announced that their Citrix Application Delivery Controller (ADC) and Citrix Gateway are prone to a vulnerability which can allow remote unauthenticated attackers to execute code on vulnerable ...
Pulse Secure VPN Server Exploit Opens the Way for Sodinokibi Ransomware; Travelex Falls Victim

Pulse Secure VPN Server Exploit Opens the Way for Sodinokibi Ransomware; Travelex Falls Victim

An unpatched critical vulnerability in Pulse Secure VPN servers might have been used in the recent ransomware attack against London-based foreign exchange company Travelex. Hackers infected Travelex’s infrastructure with the Sodinokibi ransomware ...
Looking at BlueKeep Mitigating Risk in Unsupported Operating Systems

The Top 10 State of Security Blog Posts from 2019

It’s been another fantastic year on The State of Security blog. With over 350 blogs published from all walks of the security community, we like to think of the blog as more ...
ccpa

DHS Cyber Agency Seeks Subpoena Authority to Obtain Cyber ‘Victim’ Info

On Dec. 12, senators Ron Johnson (R. Wis.) and Maggie Hassan (D. N.H.) introduced legislation that would grant DHS’ Cybersecurity and Infrastructure Security Agency (CISA) the authority to issue subpoenas to force ...
Security Boulevard

Waco water bill attack just the latest in a wave of Click2Gov breaches

The City of Waco has warned residents that their online payments for water services may have been intercepted by hackers who stole credit card details. The heart of the problem lies in ...
Microsoft Security Essentials to Die with Windows 7 in January

Microsoft Security Essentials to Die with Windows 7 in January

Microsoft says it doesn’t plan to provide security updates for the Microsoft Security Essentials component integrated into Windows 7 after the operating system reaches its end of life in a little over ...
Loading...