vulnerability – Page 37 – PossibleThreat Articles

Credit to Author: Sushmita Kalashikar| Date: Mon, 04 Nov 2019 10:40:59 +0000

Attention! Are you using Chrome as your web browsing software on your Windows, Linux and Mac? High time you update your browser!! That’s right. With Google recently releasing Chrome version 78.0.3904.87 for Windows, Mac, and Linux, there come’s an urgent warning, requesting billions of users to update their software immediately. The warning comes after…

Security Sophos

Apple props up macOS Catalina with 10.15.1 update

November 1, 2019 0 Comments 32-bit, Apple, macos catalina, security updates, vulnerability, windows vista

Credit to Author: John E Dunn| Date: Fri, 01 Nov 2019 15:01:56 +0000

A vocal minority of the committed Apple base has been quick to express dissatisfaction at the move to Catalina from macOS 10.14 Mojave.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/Q6JmalYHavU” height=”1″ width=”1″ alt=””/>

Security Sophos

Linux maintainer: Patching side-channel flaws is killing performance

October 31, 2019 0 Comments cve-2018-12126, cve-2018-12127, cve-2018-12130, cve-2019-11091, greg kroah-hartman, hyperthreading, Intel, Linux, meltdown, security threats, simultaneous multithreading (smt), spectre, vulnerability, zombieload

Credit to Author: John E Dunn| Date: Thu, 31 Oct 2019 13:15:11 +0000

Mirror, mirror on the wall, which is the worst side-channel vulnerability of them all?<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/4OlRsV8RD_Y” height=”1″ width=”1″ alt=””/>

Security Sophos

Researchers find hole in EU-wide identity system

October 31, 2019 0 Comments authentication and trust services, eidas, electronic identification, EU, European Union, Government security, sec consult, security threats, vulnerability

Credit to Author: Danny Bradbury| Date: Thu, 31 Oct 2019 12:47:20 +0000

The EU has fixed a flaw in the powerful yet complex eIDAS digital identification system that let people authenticate as someone else.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/pCEuDkvSosQ” height=”1″ width=”1″ alt=””/>

Security Sophos

PHP team fixes nasty site-owning remote execution bug

October 29, 2019 0 Comments nginx, php, programming languages, rce, remote code execution, security threats, vulnerability

Credit to Author: Danny Bradbury| Date: Tue, 29 Oct 2019 11:48:14 +0000

The PHP development team has fixed a bug that could allow remote code execution in some setups of the programming language.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/r_X-vIvi4pg” height=”1″ width=”1″ alt=””/>

Security Sophos

Vulnerability in content distribution networks found by researchers

October 24, 2019 0 Comments Akamai, cdns, content distribution networks, cpdos, http, hypertext transfer protocol, security threats, vulnerability, web servers

Credit to Author: Danny Bradbury| Date: Thu, 24 Oct 2019 14:41:44 +0000

Researchers have found a flaw that could lead to denial of service attacks on content distribution networks around the world.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/R2nlTpWWhFQ” height=”1″ width=”1″ alt=””/>

Security Sophos

Robot Hotel says sorry about the buggy bedside bots

October 24, 2019 0 Comments androids, bed-bots, code signing, henn na hotel, his group, his hotel group, japan, nfc tag, peeping toms, Privacy, robot hotels, robots, security threats, smart speakers, surveillance, tapia, unsigned code, voice assistants, voice recognition, vulnerability

Credit to Author: Lisa Vaas| Date: Thu, 24 Oct 2019 14:39:48 +0000

Japan’s Henn na Hotel says it’s “modified” the bots so pervs can’t exploit the ability to run unsigned code and spy on future guests.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/6qgRyj8P2OY” height=”1″ width=”1″ alt=””/>

Security Sophos

Hacker breached servers used by NordVPN

October 23, 2019 0 Comments data breach, data hack, data leak, Hacker, NordVPN, Privacy, security threats, torguard, virtual private network, vpn, vulnerability

Credit to Author: John E Dunn| Date: Wed, 23 Oct 2019 12:41:12 +0000

NordVPN has been forced to admit that a hacker stole an expired TLS certificate key used to securely connect customers to its web servers.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/f5mz8QmYkC8″ height=”1″ width=”1″ alt=””/>

Security Sophos

Vatican launches smart rosary – complete with brute-force flaw

October 22, 2019 0 Comments brute force, click to pray, erosary, fidus information security, Government security, security threats, vatican, vulnerability, wearables, worldwide prayer network

Credit to Author: Danny Bradbury| Date: Tue, 22 Oct 2019 13:40:16 +0000

Now fixed, the Vatican’s new fitness-and-prayer eRosary and its accompanying app, Click to Pray, were found to have a serious privacy bug.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/U2BKBl-hm44″ height=”1″ width=”1″ alt=””/>

MalwareBytes Security

A week in security (October 14 – 20)

October 21, 2019 0 Comments A week in security, amazon, dark web, domestic abuse, domestic abuse survivor, domestic abuse survivors, domestic violence, facebook, facial recognition, Instagram, jackpot, jackpotting, kindle, Mark Zuckerberg, national cybersecurity awareness month, national domestic violence awareness month, oracle, password, passwords, phish, phishing, phishing scam, Ransomware, Tor, tor browser, us customs and border enforcement, vpn, Vulnerabilities, vulnerability

Credit to Author: Malwarebytes Labs| Date: Mon, 21 Oct 2019 15:45:45 +0000

Cybersecurity news for October 14 – 20, including the future of the password, the lingering threat of ransomware, and new security features from Instagram.

Categories:

A week in security

Tags: amazon Dark Web domestic abuse domestic abuse survivor domestic abuse survivors domestic violence facebook facial recognition Instagram jackpot jackpotting kindle Mark Zuckerberg national cybersecurity awareness month National domestic violence awareness month Oracle password passwords phish phishing phishing scam ransomware tor Tor browser US Customs and Border Enforcement vpn vulnerabilities vulnerability

(Read more…)

The post A week in security (October 14 – 20) appeared first on Malwarebytes Labs.