vulnerability – Page 32 – PossibleThreat Articles

IE zero day and heap of RDP flaws fixed in February Patch Tuesday

February 13, 2020 0 Comments Adobe, Adobe Flash, Internet Explorer, Microsoft, Operating Systems, Patch Tuesday, Patching, RDP, vulnerability, Web Browsers, Windows, zero-day vulnerability

Credit to Author: John E Dunn| Date: Thu, 13 Feb 2020 12:52:59 +0000

Microsoft has finally patched the Internet Explorer (IE) zero-day flaw the company said in January was being used in “limited targeted attacks”.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/JI_KRna6j1I” height=”1″ width=”1″ alt=””/>

Security Sophos

Critical Android flaws patched in February bulletin

February 5, 2020 0 Comments Android, android open source project, critical flaws, cve-2020-0022, cve-2020-0023, CVEs, flaws, Google, google pixel, Mobile, Operating Systems, Patches, Patching, Pixel, qualcomm, rce, security threats, vulnerability

Credit to Author: Danny Bradbury| Date: Wed, 05 Feb 2020 11:46:14 +0000

Google has patched Android bugs that include a couple of critical flaws that could let hackers run their own code on the mobile operating system.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/k2wIz5MF-3I” height=”1″ width=”1″ alt=””/>

Security Sophos

Twitter admits to raid on users’ phone numbers

February 5, 2020 0 Comments 2fa, android app, data loss, ibrahim balic, phone numbers, Privacy, security threats, Social networks, twitter, twitter phone numbers, vulnerability

Credit to Author: John E Dunn| Date: Wed, 05 Feb 2020 11:20:13 +0000

It relates to Twitter’s contact upload feature, which allows users to find others via contact info such as email or phone number.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/JjUJFBQ-IaQ” height=”1″ width=”1″ alt=””/>

QuickHeal Security

HorseDeal Riding on The Curveball!

February 4, 2020 0 Comments Antivirus, certificate, critical vulnerability, cve-2020-0601, Cyber safety, encryption, horsedeal, malware, Microsoft Windows, Privacy, Ransomware, rsa, Security, spoofing, ssl certificate, Tips, vulnerability

Credit to Author: Jayesh kulkarni| Date: Wed, 05 Feb 2020 06:17:49 +0000

It’s surprising to see how quickly attackers make use of new vulnerabilities in malware campaigns. Microsoft recently patched a very interesting vulnerability in their monthly Patch Tuesday update for January 2020. It’s a spoofing vulnerability in Windows CryptoAPI (Crypt32.dll) validation mechanism for Elliptic Curve Cryptography (ECC) certificates. An attacker could…

Security Sophos

Serious Security – How ‘special case’ code blew a hole in OpenSMTPD

January 31, 2020 0 Comments eop, Exploit, openbsd, opensmtpd, Patch, rce, vulnerability

Credit to Author: Paul Ducklin| Date: Fri, 31 Jan 2020 17:49:43 +0000

Patch now before you receive a message that’s more than just bad news!<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/4YZhTzLrMmk” height=”1″ width=”1″ alt=””/>

Security Sophos

UN hacked via unpatched SharePoint server

January 31, 2020 0 Comments cve-2019-0604, data loss, exposed data, GDPR, GDPR compliance, hacked servers, Privacy, security threats, sharepoint, the new humanitarian, un, un secretary-general, vulnerability

Credit to Author: Danny Bradbury| Date: Fri, 31 Jan 2020 13:04:44 +0000

UN staffers: the “entire domain” was probably compromised by an attacker who was lurking on the UN’s networks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/RonIAIVbyIQ” height=”1″ width=”1″ alt=””/>

Security Sophos

Apple patches critical bugs on iPhone and Mac – update now!

January 29, 2020 0 Comments Apple, iOS, MacOS, OS X, Patch, rce, vulnerability

Credit to Author: Paul Ducklin| Date: Wed, 29 Jan 2020 17:39:26 +0000

Get them now before the crooks figure out what to do with the holes.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/Z9hUCBoA6tw” height=”1″ width=”1″ alt=””/>

Security Sophos

Citrix ships patches as vulnerable servers come under attack

January 21, 2020 0 Comments application delivery controller (adc), citrix, Patching, positive technologies, security threats, vpn, vulnerability

Credit to Author: John E Dunn| Date: Tue, 21 Jan 2020 12:32:31 +0000

Citrix has issued its first set of patches fixing a nasty vulnerability that’s been hanging over some of its biggest products.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/k-13b57A6n8″ height=”1″ width=”1″ alt=””/>

Security Sophos

Oracle’s January 2020 update patches 334 security flaws

January 17, 2020 0 Comments #mansionparty, oracle, oracle patch, Patch, Patching, security flaws, security threats, security updates, Vulnerabilities, vulnerability

Credit to Author: John E Dunn| Date: Fri, 17 Jan 2020 11:31:27 +0000

The January 2020 update featured a joint record of 334 patches, matching an identical number released in July 2018.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/uQefUNviL2Q” height=”1″ width=”1″ alt=””/>

Security Sophos

NSA and Github ‘rickrolled’ using Windows CryptoAPI bug

January 16, 2020 0 Comments cryptoapi, Cryptography, cve-2020-0601, Exploit, Microsoft, NSA, rickroll, vulnerability, Windows

Credit to Author: Paul Ducklin| Date: Thu, 16 Jan 2020 17:42:09 +0000

We said, “Assume that someone will find out how to do it pretty soon,” and that’s exactly what happened.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/XhJpjHyVCqc” height=”1″ width=”1″ alt=””/>