Cybersecurity News


Black Hat Asia

Singapore
11 March 2020

Modern RAM used for computers, smartphones still vulnerable to Rowhammer attacks

Academics break TRR protections on RAM cards for new Rowhammer attacks.
10 March 2020

Microsoft Patch Tuesday, March 2020 Edition

Microsoft Corp. today released updates to plug more than 100 security holes in its various Windows operating systems and associated software. If you (ab)use Windows, please take a moment to read this post, backup your system(s), and patch your PCs.
10 March 2020

Microsoft March 2020 Patch Tuesday fixes 115 vulnerabilities

The March 2020 Patch Tuesday is the largest Patch Tuesday release in Microsoft's history.
10 March 2020

Critical Bugs in Rockwell, Johnson Controls ICS Gear

Critical Bugs in Rockwell, Johnson Controls ICS Gear Bugs affecting programmable logic controllers (PLC) and physical access-control systems for facilities are rated 9.8 in severity.
10 March 2020

Microsoft Patches 26 Critical Bugs in Big March Update

Microsoft Patches 26 Critical Bugs in Big March Update March security updates include 115 CVEs patching everything from Windows, Office and Microsoft’s new Chromium-based Edge web browser.
10 March 2020

Researchers Develop New Side-Channel Attacks on Intel CPUs

Load Value Injection (LVI) takes advantage of speculative execution processes just like Meltdown and Spectre, say security researchers from Bitdefender and several universities.
10 March 2020

Details about new SMB wormable bug leak in Microsoft Patch Tuesday snafu

SMB vulnerability is currently not patched, but now everyone knows it's there.
10 March 2020

Popular ThemeREX WordPress Plugin Opens Websites to RCE

Popular ThemeREX WordPress Plugin Opens Websites to RCE The bug has been under active attack as a zero-day.
10 March 2020

Microsoft Patches Over 100 Vulnerabilities

Patch Tuesday features several remote code execution flaws in Microsoft Word.
10 March 2020

Bitsight and Microsoft Disrupt Necurs Botnet

But roughly 2 million infected systems remain in the wild, and infected systems could be reactivated at any time.
10 March 2020

Expiration Date Extended for PTS POI v.3 Devices

 

Due to supply-chain disruptions related to the coronavirus, the PCI Council has extended the expiration date for PIN Transaction Security Point-of-Interaction (PTS POI) version 3 devices from April 30, 2020 to April 30, 2021.

10 March 2020

Firefox Bug Opens iPhone AirPods to Third-Party Snooping

Firefox Bug Opens iPhone AirPods to Third-Party Snooping Mozilla Foundation snuffs out bugs with the introduction of Firefox 74 and ESR 68.6.
10 March 2020

High-Severity Flaws Plague Intel Graphics Drivers

High-Severity Flaws Plague Intel Graphics Drivers Intel patched six high-severity flaws in its graphics drivers, as well as other vulnerabilities in its NUC firmware, and a load value injection vulnerability that could allow attackers to steal sensitive data.
10 March 2020

3 Tips to Stay Secure When You Lose an Employee

Whether they leave for a better job or get fired, and whether they mean to cause problems or do so out of ignorance, ex-workers can pose a threat to your company.
10 March 2020

Microsoft orchestrates coordinated takedown of Necurs botnet

Microsoft and partners in 35 countries move to bring down Necurs, today's largest malware botnet.
10 March 2020

Paradise Ransomware Variant Hides in Office IQY Files

The uncommon Internet Query file format lets attacks slip past defenses to effectively break into target networks.
10 March 2020

Intel CPUs vulnerable to new LVI attacks

Researchers say Intel processors will need another round of silicon chip re-designs to protect against new attack.
10 March 2020

Flaw in popular VPN service may have exposed customer data

NordVPN praised its bug bounty program and said that a fix had been shipped within two days

The post Flaw in popular VPN service may have exposed customer data appeared first on WeLiveSecurity

10 March 2020

What Should I Do About Vulnerabilities Without Fixes?

What Should I Do About Vulnerabilities Without Fixes? With better tools that identify potential threats even before developers address them, a new problem has arisen.
10 March 2020