Cisco fixes hard-coded root credentials in Emergency Responder
Cisco released security updates to fix a Cisco Emergency Responder (CER) vulnerability that let attackers log into unpatched systems using...
Read more →Category: Bleeping Computer
Enhancing your application security program with continuous monitoring
Historically, cybersecurity models have been largely reactive. Organizations would assess vulnerabilities at specified intervals, typically following a security incident or...
Read more →
Hackers target Azure cloud VMs via breached SQL servers
Hackers have been observed trying to breach cloud environments through Microsoft SQL Servers vulnerable to SQL injection. Microsoft’s security researchers...
Read more →
Sony confirms data breach impacting thousands in the U.S.
Sony Interactive Entertainment (Sony) has notified current and former employees and their family members about a cybersecurity breach that exposed...
Read more →
Emergency alert on US phones and TVs today — Don’t worry, it’s just a test
The U.S. Federal Emergency Management Agency (FEMA) and the Federal Communications Commission (FCC) will run an emergency alert test today...
Read more →
New ‘Looney Tunables’ Linux bug gives root on major distros
A new Linux vulnerability known as ‘Looney Tunables‘ enables local attackers to gain root privileges by exploiting a buffer overflow...
Read more →
Google to bolster phishing and malware delivery defenses in 2024
Google will introduce new sender guidelines in February to bolster email security against phishing and malware delivery by mandating bulk...
Read more →
Microsoft now lets you play a game during Windows 11 installs
Microsoft has introduced a new twist to the Windows 11 installation and update process, transforming it from a mundane task...
Read more →
Android October security update fixes zero-days exploited in attacks
Google has released the October 2023 security updates for Android, addressing 54 unique vulnerabilities, including two known to be actively...
Read more →
EvilProxy uses indeed.com open redirect for Microsoft 365 phishing
A recently uncovered phishing campaign is targeting Microsoft 365 accounts of key executives in U.S.-based organizations by abusing open redirects from...
Read more →
ShellTorch flaws expose AI servers to code execution attacks
A set of critical vulnerabilities dubbed ‘ShellTorch’ in the open-source TorchServe AI model-serving tool impact tens of thousands of internet-exposed...
Read more →
Microsoft Edge, Teams get fixes for zero-days in open-source libraries
Microsoft released emergency security updates for Edge, Teams, and Skype to patch two zero-day vulnerabilities in open-source libraries used by...
Read more →