A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious ‘Invoice’ Word documents. The phishing scam was first discovered by...
Organizations using security appliances from Sophos have been advised to make sure their devices are up to date after a researcher disclosed the details of a...
Critical vulnerabilities in elFinder, the popular open source web file manager, can enable unauthenticated attackers to execute arbitrary PHP code on servers hosting elFinder’s back-end PHP connector. JavaScript-based...
A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute...
A Razer Synapse zero-day vulnerability has been disclosed on Twitter, allowing you to gain Windows admin privileges simply by plugging in a Razer mouse or keyboard....
Microsoft was informed about the vulnerability by Google but the company claimed it to be a “non-issue” and that it “will not fix it.” On Thursday,...
A new ransomware gang known as LockFile encrypts Windows domains after hacking into Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. ProxyShell is the name...
Yaron Kassner, CTO at Silverfort, discusses authentication-bypass bugs in Cisco ASA, F5 BIG-IP, IBM QRadar and Palo Alto Networks PAN-OS. Authentication is the front gate to...
Microsoft first dismissed the elevation of privilege flaw but decided yesterday that attackers injecting malicious code is worthy of attention. It looked like Google Project Zero...
A vulnerability has been discovered in Fortinet’s web application firewall (WAF) that allows attackers to run arbitrary commands on devices and servers running the security software,...