VMWare Urges Users to Patch Critical Authentication Bypass Bug
Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain.
Vulnerabilities
Universities Put Email Users at Cyber Risk
DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protections to prevent domain spoofing and lack protections to block fraudulent emails.
Malicious Npm Packages Tapped Again to Target Discord Users
Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods.
CVEs or Software vulnerabilities comprise only a part of security risks in the IT security landscape. Attack surfaces are massive with numerous security risks that must be treated equally as software vulnerabilities to reduce risk exposure and prevent cyberattacks at scale
The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies DDoS attacks today. This is a dangerous warning that the possibility of a sophisticated DDoS attack and a prolonged service outage will prevent businesses from growing.
Feds urge U.S. agencies to patch a Microsoft July Patch Tuesday 2022 bug that is being exploited in the wild by August 2.
New remote business reality pushes security teams to retool to protect expanding attack surface.
A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver.
The heap buffer overflow issue in the browser’s WebRTC engine could allow attackers to execute arbitrary code.
Devices from Cisco, Netgear and others at risk from the multi-stage malware, which has been active since April 2020 and shows the work of a sophisticated threat actor.
