vulnerability – Page 33 – PossibleThreat Articles

Update now! Popular WordPress plugins have password bypass flaws

January 16, 2020 0 Comments infinitewp client, password bypass, password security, plugins, security flaw, security threats, vulnerability, webarx, Wordpress, wordpress plugins, wp time capsule

Credit to Author: John E Dunn| Date: Thu, 16 Jan 2020 13:47:38 +0000

Researchers have discovered bad authentication bypass vulnerabilities affecting two WordPress plugins which should be patched as soon as possible.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/qhJn8G3sG5M” height=”1″ width=”1″ alt=””/>

Security Sophos

Microsoft fixes critical bugs in CryptoAPI, RD Gateway and .NET

January 15, 2020 0 Comments Adobe, barcelona, CVEs, Microsoft, Operating Systems, Patch Tuesday, Patches, rce, rd gateway, RDP, remote code execution, security threats, vulnerability, Windows, windows remote desktop gateway, windows server

Credit to Author: Danny Bradbury| Date: Wed, 15 Jan 2020 12:10:33 +0000

Here are the most serious bugs from Microsoft’s Patch Tuesday – Including CryptoAPI and RCE flaws in Windows Remote Desktop Gateway.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/_JcrLmlUQmc” height=”1″ width=”1″ alt=””/>

Security Sophos

Malicious npm package taken down after Microsoft warning

January 15, 2020 0 Comments backdoor, malicious package, Microsoft, microsoft vulnerability research, node package manager, npm, security threats, unix, vulnerability

Credit to Author: John E Dunn| Date: Wed, 15 Jan 2020 11:32:56 +0000

Criminals have been caught trying to sneak a malicious package on to the popular Node.js platform npm (Node Package Manager).<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/X4lFsmpAVr8″ height=”1″ width=”1″ alt=””/>

Security Sophos

Serious Microsoft crypto vulnerability – patch right now

January 14, 2020 0 Comments Microsoft, Patch Tuesday, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 14 Jan 2020 23:07:10 +0000

It’s a big one. Don’t wait around, get your updates right now!<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/3IJEeL8R9bQ” height=”1″ width=”1″ alt=””/>

Security Sophos

January 2020 Patch Tuesday delivers fixes for 50 bugs

January 14, 2020 0 Comments chromium, Edge, elevation of privilege, exploits, Microsoft, Patch Tuesday, RDP, SophosLabs Uncut, updates, vulnerability, Windows

Credit to Author: SophosLabs Offensive Security| Date: Tue, 14 Jan 2020 18:15:18 +0000

This month’s big security news from Microsoft is the end of support for Windows 7, and a patch of a cryptographic library<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/wiyw9sHJyLE” height=”1″ width=”1″ alt=””/>

Security Sophos

Windows 7 computers will no longer be patched after today

January 14, 2020 0 Comments Exploit, Microsoft, Patch, patchocalypse, vulnerability, windows 7

Credit to Author: Paul Ducklin| Date: Tue, 14 Jan 2020 15:58:49 +0000

Today’s the day. The balloon goes up. The ship goes down. The patches fall behind. The crooks pull ahead.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/5GCHHFgc5Rs” height=”1″ width=”1″ alt=””/>

Security Sophos

‘Cable Haunt’ vulnerability exposes 200 million cable modem users

January 14, 2020 0 Comments broadcom, buffer flaws, cable haunt, cable modem, Flaw, lyrebirds, security threats, vulnerability

Credit to Author: John E Dunn| Date: Tue, 14 Jan 2020 11:41:45 +0000

A fortnight in to 2020 and we have the first security flaw to be given its own name: Cable Haunt – complete with eye-catching logo.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/xgn6q9BSap4″ height=”1″ width=”1″ alt=””/>

Security Sophos

Hackers use system weakness to rattle doors on Citrix systems

January 10, 2020 0 Comments citrix, cve-2019-19781, sans internet storm center, security threats, vulnerability

Credit to Author: Danny Bradbury| Date: Fri, 10 Jan 2020 11:02:10 +0000

Attackers are using a serious bug in Citrix products to scan the internet for weaknesses, according to experts.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/BEbNovinqjA” height=”1″ width=”1″ alt=””/>

Security Sophos

Browser zero day: Update your Firefox right now!

January 9, 2020 0 Comments cve-2019-17026, firefox, Internet Explorer, mozilla firefox, Patch, qihoo 360, vulnerability, zero day

Credit to Author: John E Dunn| Date: Thu, 09 Jan 2020 14:00:06 +0000

Firefox has issues an emergency 72.0.1 patch to fix a zero day vulnerability.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/8rtXfw6rWto” height=”1″ width=”1″ alt=””/>

Security Sophos

Google’s Project Zero highlights patch quality with policy tweak

January 9, 2020 0 Comments bug bounty, bug disclosure, bug-hunting, Google, Project Zero, responsible disclosure, security threats, vulnerability

Credit to Author: Danny Bradbury| Date: Thu, 09 Jan 2020 11:26:07 +0000

Google’s Project Zero bug-hunting team has tweaked its 90-day responsible disclosure policy to help improve the quality and adoption of vendor patches.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/45XsE2-NHPY” height=”1″ width=”1″ alt=””/>