News Clipping

Hacking groups are attacking Microsoft Exchange Servers [ehackingnews]

Various government-backed hacking groups and APTs are targeting and exploiting a vulnerability in Microsoft Exchange email servers. The vulnerability was patched last month February 2020. Volexity, a UK cyber security firm was the first to discover these exploitation attempts on Friday. But neither did they share the names of the...

Read more

New CWE List of Common Security Weaknesses [mitre]

MITRE has released version 4.0 of the community-developed Common Weakness Enumeration (CWE) list. Previous CWE list versions describe common software security weaknesses. With version 4.0, the CWE list expands to include hardware security weaknesses. Additionally, version 4.0 simplifies the presentation of weaknesses into various views and adds a search function...

Read more

Microsoft Windows CryptoAPI Spoofing Vulnerability [securityboulevard]

Today, Microsoft released patch for CVE-2020-0601, a vulnerability in windows “crypt32.dll” component that could allow attackers to perform spoofing attacks. This was discovered and reported by National Security Agency (NSA) Researchers. The vulnerability affects Windows 10 and Windows Server 2016/2019 systems. This is a serious vulnerability and patches should be applied...

Read more


In an ideal world, organizations would patch every new vulnerability once it’s discovered. In real-life, this is impossible. Security analysts responsible for vulnerability management activities face multiple challenges that result in what the industry calls “The Patching Paradox” – common sense tells you to keep every system up to date...

Read more

Cisco Security Appliances Targeted for DoS Attacks via Old Bug [bleepingcomputer]

A critical vulnerability fixed in mid-2018 has been resurrected recently in denial-of-service and information disclosure attempts against Cisco’s appliances Adaptive Security (ASA) and Firepower. The company is issuing a warning to its customers urging them to follow recommendations for proper mitigation actions. DoS and sensitive info Tracked as CVE-2018-0296, the...

Read more

Incognito Mode Won’t Keep Your Browsing Private [medium]

The big tech giants, online advertising companies, and data brokers use a ton of tricks to track you around the web. These include things like cookies, location and device logging, fingerprinting, and even share buttons, the last of which make it very easy for companies like Facebook and Google to...

Read more

Page 1 of 5412345...102030...Last »