News Clipping

Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601) [securityboulevard]

Today, Microsoft released patch for CVE-2020-0601, a vulnerability in windows “crypt32.dll” component that could allow attackers to perform spoofing attacks. This was discovered and reported by National Security Agency (NSA) Researchers. The vulnerability affects Windows 10 and Windows Server 2016/2019 systems. This is a serious vulnerability and patches should be applied...

Read more


In an ideal world, organizations would patch every new vulnerability once it’s discovered. In real-life, this is impossible. Security analysts responsible for vulnerability management activities face multiple challenges that result in what the industry calls “The Patching Paradox” – common sense tells you to keep every system up to date...

Read more

Cisco Security Appliances Targeted for DoS Attacks via Old Bug [bleepingcomputer]

A critical vulnerability fixed in mid-2018 has been resurrected recently in denial-of-service and information disclosure attempts against Cisco’s appliances Adaptive Security (ASA) and Firepower. The company is issuing a warning to its customers urging them to follow recommendations for proper mitigation actions. DoS and sensitive info Tracked as CVE-2018-0296, the...

Read more

Incognito Mode Won’t Keep Your Browsing Private [medium]

The big tech giants, online advertising companies, and data brokers use a ton of tricks to track you around the web. These include things like cookies, location and device logging, fingerprinting, and even share buttons, the last of which make it very easy for companies like Facebook and Google to...

Read more

Over 15 Indian States Have Been Infected By The Dtrack Malware [mashable]

We’re already aware that data breaches are on a constant rise these days. Hackers are making use of stealthy creative ways to get access to our sensitive data. Kaspersky, a Russia-based cybersecurity firm, revealed recently that it has discovered samples of ‘Dtrack’ malware from enterprises across Indian states including Maharashtra,...

Read more

NordVPN confirms it was hacked [techcrunch]

NordVPN, a virtual private network provider that promises to “protect your privacy online,” has confirmed it was hacked. The admission comes following rumors that the company had been breached. It first emerged that NordVPN had an expired internal private key exposed, potentially allowing anyone to spin out their own servers imitating...

Read more

Page 1 of 5412345...102030...Last »