A Bluetooth authentication bug affecting major devices allows attackers to perform impersonation attacks by spoofing paired devices and stealing sensitive data.
Container images can be exploited by attackers to gain unrestricted access to the container environment and compromise sensitive data. What can you do to secure them?
Proposed bill requires American tech companies to put encryption backdoors in their products for law enforcement access which can be potentially exploited by hackers.
Since patching is problematic and traditional perimeter security is ineffective for Ripple20 vulnerabilities, Zero Trust security may be the right answer.
There are significant gaps in virtual appliance security, and many products are distributed with known, exploitable, and fixable vulnerabilities and on outdated or unsupported operating systems.
The best way to deal with a vulnerability is doing what you can to prevent them from happening in the first place. Oftentimes, cyber risk can be managed even through simple and basic security hygiene practices.
Legal action may be forthcoming for organizations that do not patch Log4j. The FTC has issued an alert that references the Equifax breach (which ended in a settlement of $700 million) as a precedent.
A 19-year-old "security specialist" has found a vulnerability in third party software used by certain Tesla vehicles, which allows the remote control of certain functions such as the engine and the security system.
Qualys researchers said the 12-year-old memory corruption local privilege escalation vulnerability on polkit's Set User ID program pkexec is easily exploitable by novice attackers and affects every major Linux distribution.
Microsoft 365 Defender researcher team discovered a privilege escalation vulnerability dubbed Nimbuspwn allowing an attacker to gain root privileges and deploy malicious payloads.
