Description: Intel has released security updates and recommendations to address vulnerabilities in multiple products. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.intel.com/content/www/us/en/security-center/default.html Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available....
Read More
Description: WordPress 5.1 and prior versions are affected by a vulnerability. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://wordpress.org/news/2019/03/wordpress-5-1-1-security-and-maintenance-release/
Government inspectors have uncovered serious deficiencies in NASA’s information security program which they claim could threaten operations. The findings come from the latest Office of the Inspector General (OIG) review of the space agency for fiscal year 2018, under the Federal Information Security Modernization Act of 2014 (FISMA). The OIG tested the maturity of NASA’s infosec program via 61 metrics in five security function areas plus a...
Read More
Windows 10 is now running on 800 million devices worldwide, Microsoft has announced. The figure includes not only traditional laptop and desktop PCs, but also hybrids like the Surface Pro, consoles like the Xbox One X, and any phones that are still running the end-of-life Windows 10 Mobile, which will finally stop receiving security updates at the end of this year. 800 million means Windows 10 is comfortably the most...
Read More
Logitech’s Harmony hub is a popular smart home device which enables communication with and control of all network connected devices in your house. It has an install base of millions of users across the globe and supports 270,000 devices from 6,000 brands. Tenable recently released critical, undisclosed vulnerabilities that allow an attacker remote root access without user interaction. The hub is a favorite among enthusiasts for its scripting...
Read More
Today, the World Wide Web Consortium (W3C) approved WebAuthn, a new authentication standard that aims to replace the password as a way of securing your online accounts. First announced last year, WebAuthn (which stands for Web Authentication) is already supported by most browsers, including Chrome, Firefox, Edge, and Safari. Its publication as an official web standard should pave the way for wider adoption by individual websites. At its core, WebAuthn is...
Read More
You must update your Google Chrome immediately to the latest version of the web browsing application. Security researcher Clement Lecigne of Google’s Threat Analysis Group discovered and reported a high severity vulnerability in Chrome late last month that could allow remote attackers to execute arbitrary code and take full control of the computers. The vulnerability, assigned as CVE-2019-5786, affects the web browsing software for all major operating systems...
Read More
A security vulnerability was discovered recently in WinRAR, affecting over 500 millions of users worldwide. Due to the flaw residing in UNACEV2.dll code base that WinRAR uses to extract files from archives packed with the ACE format, hackers can not only bypass the access control to gain high system privileges, but also implant malicious files into the system to infect and control users’ computers. It...
Read More
Microsoft has released the Windows 10 KB4482887 cumulative update for build 1809 that includes numerous fixes including Retpoline Spectre mitigation, a fix for an annoying Action Center bug, and numerous other bug fixes. This update is available to all Windows 10 October 2018 Update (build 1809) users and can be installed through Windows Update. To install the update, simply go into Settings -> Update & Security -> Windows Update and then check for new updates. We...
Read More
While tried-and-true attack methods are still going strong, new threats emerge daily, and new vectors are being tested by cybercriminals, according to the 2019 Webroot Threat Report. 40 percent of malicious URLs were found on good domains. Legitimate websites are frequently compromised to host malicious content. To protect users, cybersecurity solutions need URL-level visibility or, when unavailable, domain-level metrics, that accurately represent the dangers. Home user devices are...
Read More
