Insufficient Privilege Validation in SiteGround Optimizer & Caldera Forms Pro

Insufficient Privilege Validation in SiteGround Optimizer & Caldera Forms Pro

While investigating the SiteGround Optimizer and Caldera Forms Pro plugins we have discovered a critical privilege escalation vulnerability. It was not being abused externally and impacts over 500,000 sites. It’s urgency is ...

Google Chrome Zero-Day, Facebook Phone Number Privacy, NSA Phone Data Collection Program

This is your Shared Security Weekly Blaze for March 11th 2019 with your host, Tom Eston. In this week’s episode: a new Google Chrome Zero-Day, how Facebook uses your phone number, and ...
bear in the wild

Chrome Zero-Day RCE: Exploit in the Wild – Patch Now

Google is warning Chrome users to update their browser installations immediately. Previous versions have a nasty security bug that allows remote code execution. And it’s not theoretical: It turns out that this vulnerability ...
Security Boulevard
Bromium-Emotet-Order-Details

Emotet: How It Might Infect Your PC

The most prolific malware that Bromium has been seeing in customer environments over the last three months has been Emotet. Since this appears to be the preferred malware campaign of the moment, ...
VirtualBox E1000 Guest-to-Host Escape

VirtualBox zero-day flaw released on Github; working exploit available but no patch

An independent researcher has turned a bit rogue, disclosing a zero-day vulnerability in the popular VirtualBox virtualization software while expressing deep disagreement with the state of security research, and bug bounty standards ...
Zero-day Threats Detection

Zero-day Threats: Has Detection Become Deception?

| | cyberthreats, Malware, threats, zero-day
Whether it’s a  vulnerability found in Microsoft Windows Task Scheduler service or attackers leveraging a cryptomining attack exploiting an Apache Struts flaw, zero-day threats continue to threaten enterprise security. As more vulnerabilities ...
Security Boulevard
Windows Zero-Day Vulnerability Comes With PoC on GitHub

Windows Zero-Day Vulnerability Comes With PoC on GitHub

A new zero-day vulnerability was recently made public following a Tweet from @SandboxEscaper, who claimed to be frustrated with Microsoft and, apparently, their bug submission process. The tweet included a link to ...
0-day flaw in macOS High Sierra lets hackers dump all passwords from keychain

0-day flaw in macOS High Sierra lets hackers dump all passwords from keychain

Apple prides itself on the airtight security offered by its family of products, including the Mac operating system, macOS. But while considerably less targeted by hackers, macOS is still vulnerable to attacks ...
How to Spot a Zero-Day Sight-Unseen

How to Spot a Zero-Day Sight-Unseen

Zero-day attacks have businesses and consumers alike worried about how to protect data. If we don’t know what a threat looks like, can we really protect ourselves against it? For some time, ...
Loading...