Researchers at Black Hat found a weak spot in some WSUS configurations that could allow an attacker to compromise any server or desktop in an enterprise.
Browsing Category: Vulnerabilities
A device called BEKey which is the size of a quarter and can be installed in 60 seconds on a proximity card reader could potentially be used to break physical access controls in 80 percent of deployments.
Google is changing the way that it updates its Nexus Android phones and will now send out monthly over-the-air updates to users.
Dell SecureWorks researchers today at Black Hat released a new report on Emissary Panda, or TG-3390, a China-sponsored APT gang that has refined the types of data it covets.
A new version of the Rig Exploit Kit is fueling a malware campaign that has already claimed close to one million victims.
A major information-sharing bill that’s in the Senate right now would allow private organizations to share threat data with any government agency, something that the Department of Homeland Security says could have severe privacy implications and cause confusion and inefficiencies inside the federal government. The bill, known as the Cybersecurity Information Sharing Act, would allow[…]
At Black Hat, researchers are expected to disclose new firmware attacks that work against OS X and self replicated to Thunderbolt peripherals.
The U.S. Commerce Department this week agreed to rewrite the proposed U.S. implementation of the Wassenaar Arrangement, a decision lauded by security experts.
The Xen Project has patched a serious vulnerability that could allow an attacker in a guest virtual machine to escape and gain the ability to run arbitrary code on the host machine. The vulnerability is in the QEMU open source machine emulator that ships as part of the Xen hypervisor. The problem is related to the[…]
Cisco has patched a denial-of-service vulnerability in its ASR 1000 line of routers, a bug that’s caused by an issue with the way the routers handle some fragmented packets. The company said the DoS vulnerability affects all of the ASR 1000 Series Aggregation Services Routers that are running a vulnerable version of the IOS XE[…]