Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords
Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came…
Vulnerabilities
Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN
Unauthenticated cyberattackers can also wreak havoc on networking device configurations.
Apple Patches 3 More Zero-Days Under Active Attack
One of the bugs, which affects macOS as well as older versions of iPhones, could allow…
5 Tips for Achieving Better Cybersecurity Risk Management
Casey Ellis, founder, CTO and chairman of Bugcrowd, discusses a roadmap for lowering risk from cyberattacks…
100M IoT Devices Exposed By Zero-Day Bug
A high-severity vulnerability could cause system crashes, knocking out sensors, medical equipment and more.
FamousSparrow APT Wings in to Spy on Hotels, Governments
A custom "SparrowDoor" backdoor has allowed the attackers to collect data from targets around the globe.
Netgear SOHO Security Bug Allows RCE, Corporate Attacks
The issue lies in a parental-control function that's always enabled by default, even if users don't…
Unpatched Apple Zero-Day in macOS Finder Allows Code Execution
All a user needs to do is click on an email attachment, and boom – the…
Payment API Bungling Exposes Millions of Users’ Payment Data
Misconfigured APIs make any app risky, but when you’re talking about financial apps, you’re talking about…
Porn Problem: Adult Ads Persist on US Gov’t, Military Sites
Cities, states, federal and military agencies should patch the Laserfiche CMS post-haste, said the security researcher…