Researchers found attacks using VisualDoor (SonicWall SSL-VPN), CVE-2020-25506 (D-Link firewall), CVE-2020-26919 (Netgear ProSAFE Plus), CVE-2019-19356 (Netis wireless router), and other exploits.
“The http://blender.org website is undergoing maintenance due to a hacking attempt,” the official Blender account on Twitter said earlier today, adding that it will be back as soon as possible.
The list of massive security failures occurring due to product or service architectures that give a single user or group unfettered privileges continues to grow everyday.
The flaw, tracked as CVE-2021-21193, is a use after free vulnerability in the Blink rendering engine. Google addressed the issue with the 89.0.4389.90 version for Windows, Mac, and Linux.
The UK’s NCSC is urging UK organizations to install security patches for their Microsoft Exchange installs and run Microsoft Safety Scanner to detect webshells employed in the attacks.
In accordance with ISO 17442-2, the CA Stakeholder Group will develop and promote best practice guidelines and use cases for LEI integration across the digital identity industry.
Google has released a proof of concept (PoC) code to demonstrate the practicality of Spectre side-channel attacks against a browser’s JavaScript engine to leak information from its memory.
A new report by Aite Group and GIACT uncovers the pervasiveness of identity theft perpetrated against U.S. consumers and tracks shifts in banking behaviors adopted as a result of the pandemic.
Britain needs to boost its capacity to conduct cyber attacks on foreign enemies, Prime Minister Boris Johnson said before the publication of a national security review next week.
Security agencies are doing a poor job at sanitizing PDF documents on their official websites and are leaking troves of sensitive information that could be collected and weaponized in malware attacks.