The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected several versions of Ubuntu and could potentially lead to server disruption and injection of malicious code...
Are you a phpMyAdmin user? A cybersecurity researcher recently published details and proof-of-concept for an unpatched zero-day vulnerability in phpMyAdmin—one of the most popular applications for managing the MySQL and MariaDB databases. Learn more:
Are you a Chromebook user? Google has discovered a serious flaw in a Chromebook security feature which allows owners to press their device’s power button to initiate U2F two-factor authentication (2FA). Learn more:
Are you a Chromebook user? If so, make sure you have updated to Chrome OS 75 or later to receive a fix for a vulnerability in a "built-in security key" feature. Learn more:
A ‘critical’ security vulnerability has been discovered in the Exim mail server that requires admins’ urgent attention. Learn more about the flaw and how to protect your servers:
A security flaw in Google Chrome allows an attacker to eventually take control a vulnerable host, and Google recommends users to deploy a patch as soon as possible. All versions of the browser are affected, including Google Chrome for Linux. Learn more:
Have you heard that the Red Hat Enterprise Linux 6 and CentOS 6 GNU/Linux operating systems have received an important Linux kernel security update that addresses several critical vulnerabilities and fixes various bugs? Learn more about this update:
Neglecting basic security practices exposes companies to long-standing security threats. Learn what you can do to mitigate the risk that security vulnerabilities pose to your business:
Have you heard that Netflix hasidentifiedseveral denial of service (DoS) flaws in numerous implementations of HTTP/2, a popular network protocol that underpins large parts of the web? Exploiting them could make servers grind to a halt. These vulnerabilities affect various Linux distributions and open-source vendors and projects. Learn the details in this article:
All major BIOS vendors, along with the likes of AMD, Nvidia, Intel, Huawei, and many others, are offering drivers that have serious security issues. A new report, called Screwed Drivers, from Eclypsium, revealed the worrying extent of the problem.
If you are running a KDE desktop environment on your Linux operating system, you need to be extra careful and avoid downloading any ".desktop" or ".directory" file for a while.
Cisco Systems has agreed to pay $8.6 million to settle a lawsuit that accused the company of knowingly selling video surveillance system containing severe security vulnerabilities to the U.S. federal and state government agencies.
Researchers have found 11 serious vulnerabilities in VxWorks, the world's most popular real-time operating system (RTOS) that powers over 2 billion devices including enterprise network firewalls and routers, industrial controllers and medical equipment. Many of the flaws allow attackers to take over devices remotely by just sending network packets, which make them particularly dangerous.
There has been a lot of confusion over the last few days after news spread of a supposedvulnerability in the media player VLC. Despite being labelled as "critical", VLC's developers, VideoLAN, denied there was a problem at all.
Have you heard about the BlueKeep vulnerability that has been discovered in Windows RDP servers? Cybersecurity researchers have identified a new variant ofWatchBog, a Linux-based cryptocurrency mining malware botnet, which now also includes a module to scan the Internet for Windows RDP servers vulnerable to theBluekeep flaw.BlueKeep is a highly-critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Services that could allow an unauthenticated remote attacker to take full control over vulnerable systems just by sending specially crafted requests over RDP protocol.Though thepatches for the BlueKeepvulnerability (CVE–2019-0708) was already released by Microsoft in May this year, more than800,000 Windows machinesaccessible over the Internet are still vulnerable to the critical flaw.
