security threats – Page 10 – PossibleThreat Articles

Update now! Popular WordPress plugins have password bypass flaws

January 16, 2020 0 Comments infinitewp client, password bypass, password security, plugins, security flaw, security threats, vulnerability, webarx, Wordpress, wordpress plugins, wp time capsule

Credit to Author: John E Dunn| Date: Thu, 16 Jan 2020 13:47:38 +0000

Researchers have discovered bad authentication bypass vulnerabilities affecting two WordPress plugins which should be patched as soon as possible.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/qhJn8G3sG5M” height=”1″ width=”1″ alt=””/>

Security Sophos

Microsoft fixes critical bugs in CryptoAPI, RD Gateway and .NET

January 15, 2020 0 Comments Adobe, barcelona, CVEs, Microsoft, Operating Systems, Patch Tuesday, Patches, rce, rd gateway, RDP, remote code execution, security threats, vulnerability, Windows, windows remote desktop gateway, windows server

Credit to Author: Danny Bradbury| Date: Wed, 15 Jan 2020 12:10:33 +0000

Here are the most serious bugs from Microsoft’s Patch Tuesday – Including CryptoAPI and RCE flaws in Windows Remote Desktop Gateway.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/_JcrLmlUQmc” height=”1″ width=”1″ alt=””/>

Security Sophos

Malicious npm package taken down after Microsoft warning

January 15, 2020 0 Comments backdoor, malicious package, Microsoft, microsoft vulnerability research, node package manager, npm, security threats, unix, vulnerability

Credit to Author: John E Dunn| Date: Wed, 15 Jan 2020 11:32:56 +0000

Criminals have been caught trying to sneak a malicious package on to the popular Node.js platform npm (Node Package Manager).<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/X4lFsmpAVr8″ height=”1″ width=”1″ alt=””/>

Security Sophos

‘Cable Haunt’ vulnerability exposes 200 million cable modem users

January 14, 2020 0 Comments broadcom, buffer flaws, cable haunt, cable modem, Flaw, lyrebirds, security threats, vulnerability

Credit to Author: John E Dunn| Date: Tue, 14 Jan 2020 11:41:45 +0000

A fortnight in to 2020 and we have the first security flaw to be given its own name: Cable Haunt – complete with eye-catching logo.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/xgn6q9BSap4″ height=”1″ width=”1″ alt=””/>

Security Sophos

Lottery hacker gets 9 months for his £5 cut of the loot

January 14, 2020 0 Comments anwar batson, automated password guessing, brute force, brute force attack, brute force tool, computer misuse act 1990, cracking, credential stuffing, daniel thompson, dark web, data loss, edwin salter, hacking tool, idris akinwunmi, Law & order, lottery, national lottery, password reuse, Privacy, rosegold, security threats, sentence, sentry mba, stolen credentials, uk, user credentials

Credit to Author: Lisa Vaas| Date: Tue, 14 Jan 2020 11:18:57 +0000

We don’t care how little you made from your crimes, the judge said. We care that you went after an outfit that gives a ton to charities.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/MQxKTz5FL8E” height=”1″ width=”1″ alt=””/>

Security Sophos

Powerful GPG collision attack spells the end for SHA-1

January 13, 2020 0 Comments Cryptography, digital certificates, fake digital certificates, online privacy, pgp, pretty good privacy, security threats, sha-1

Credit to Author: Danny Bradbury| Date: Mon, 13 Jan 2020 13:54:29 +0000

New research has heightened an already urgent call to abandon SHA-1, a cryptographic algorithm still used in many popular online services.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/4sQ-pLfUpIU” height=”1″ width=”1″ alt=””/>

Security Sophos

Hackers use system weakness to rattle doors on Citrix systems

January 10, 2020 0 Comments citrix, cve-2019-19781, sans internet storm center, security threats, vulnerability

Credit to Author: Danny Bradbury| Date: Fri, 10 Jan 2020 11:02:10 +0000

Attackers are using a serious bug in Citrix products to scan the internet for weaknesses, according to experts.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/BEbNovinqjA” height=”1″ width=”1″ alt=””/>

Security Sophos

Ransomware pounces on California schools, Las Vegas trounces attack

January 10, 2020 0 Comments las vegas, malware, pittsburg, pittsburg unified school district, Ransomware, security threats

Credit to Author: Lisa Vaas| Date: Fri, 10 Jan 2020 10:43:29 +0000

We’ll have one serving of whatever Las Vegas is eating and wish Pittsburg Unified School District good luck with getting unstuck.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/ZYdKmx-4lMo” height=”1″ width=”1″ alt=””/>

Security Sophos

Google’s Project Zero highlights patch quality with policy tweak

January 9, 2020 0 Comments bug bounty, bug disclosure, bug-hunting, Google, Project Zero, responsible disclosure, security threats, vulnerability

Credit to Author: Danny Bradbury| Date: Thu, 09 Jan 2020 11:26:07 +0000

Google’s Project Zero bug-hunting team has tweaked its 90-day responsible disclosure policy to help improve the quality and adoption of vendor patches.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/45XsE2-NHPY” height=”1″ width=”1″ alt=””/>

Security Sophos

REvil ransomware exploiting VPN flaws made public last April

January 8, 2020 0 Comments bad packets report, malware, pulse secure, Ransomware, revil, security threats, Sodinokibi, vpn, vulnerability

Credit to Author: John E Dunn| Date: Wed, 08 Jan 2020 12:39:53 +0000

Researchers report flaws, vendors issue patches, organisations apply them – and everyone lives happily ever after. Right? Wrong!<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/FOp5i99FBQk” height=”1″ width=”1″ alt=””/>