Cisco Patches Critical Flaw After PoC Exploit Code Release
A critical path-traversal flaw (CVE-2020-27130) exists in Cisco Security Manager that lays bare sensitive information to remote, unauthenticated attackers.
A day after proof-of-concept (PoC) exploit code was published for a...
Multiple Industrial Control System Vendors Warn of Critical Bugs
Four industrial control system vendors each announced vulnerabilities that ranged from critical to high-severity.
Industrial control system firms Real Time Automation and Paradox both warned of critical vulnerabilities Tuesday...
Citrix SD-WAN Bugs Allow Remote Code Execution
The bugs tracked as CVE-2020–8271, CVE-2020–8272 and CVE-2020–8273 exist in the Citrix SD-WAN Center.
Three security bugs in the Citrix software-defined (SD)-WAN platform would allow remote code-execution and network takeover,...
Dating Site Bumble Leaves Swipes Unsecured for 100M Users
Bumble fumble: An API bug exposed personal information of users like political leanings, astrological signs, education, and even height and weight, and their distance away in miles.
After a taking...
Scams Ramp Up Ahead of Black Friday Cybercriminal Craze
With more online shoppers this year due to COVID-19, cybercriminals are pulling the trigger on new scams ahead of Black Friday and Cyber Monday.
The number of online holiday shoppers...
Credential-Stuffing Attack Hits The North Face
The North Face has reset an undisclosed number of customer accounts after detecting a credential-stuffing attack on its website.
The North Face has reset its customers’ passwords after attackers launched...
Bugs in Critical Infrastructure Gear Allow Sophisticated Cyberattacks
Security problems in Schneider Electric programmable logic controllers allow compromise of the hardware, responsible for physical plant operations.
Two security vulnerabilities in Schneider Electric’s programmable logic controllers (PLCs) could allow...
Nvidia Warns Windows Gamers of GeForce NOW Flaw
Both Nvidia and Intel faced severe security issues this week – including a high-severity bug in Nvidia’s GeForce NOW.
Nvidia is red-flagging a high-severity flaw in its GeForce NOW application...
Silver Peak SD-WAN Bugs Allow for Network Takeover
Three security vulnerabilities can be chained to enable unauthenticated remote code execution.
Silver Peak’s Unity Orchestrator, a software-defined WAN (SD-WAN) management platform, suffers from three remote code-execution security bugs that...
Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs
Intel released 40 security advisories in total, addressing critical- and high-severity flaws across its Active Management Technology, Wireless Bluetooth and NUC products.
A massive Intel security update this month addresses...
