MacOS Bug Could Let Creeps Snoop On You
The flaw could allow attackers to bypass Privacy preferences, giving apps with no right to access files, microphones or cameras the ability to record you or grab...
Wormable Windows Bug Opens Door to DoS, RCE
Microsoft’s May 2021 Patch Tuesday updates include fixes for four critical security vulnerabilities.
Microsoft’s May Patch Tuesday release addressed a modest 55 cybersecurity vulnerabilities, including just four critical bugs. It’s...
NVIDIA Patches Critical Bug in High-Performance Servers
NVIDIA said a high-severity information-disclosure bug impacting its DGX A100 server line wouldn’t be patched until early 2021.
NVIDIA released a patch for a critical bug in its high-performance...
Technical Advisory – ParcelTrack sends all pasteboard data to ParcelTrack’s servers on startup
Vendor: ParcelTrack
Vendor URL: https://www.parceltrack.de/
Versions affected: ParcelTrack Android Version 3.3, ParcelTrack iOS Version 3.3
Author: Dan Hastings – dan.hastingsnccgroupcom
Summary
Upon start of the ParcelTrack application any data contained on the global...
Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords
Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came through to credential-trapping domains in clear text.
Guardicore security researcher Amit Serper has...
NSA Warns: Patched VMware Bug Under Active Attack
Feds are warning that adversaries are exploiting a weeks-old bug in VMware’s Workspace One Access and VMware Identity Manager products.
Active attacks against a flaw in VMware’s Workspace One...
Tractors, Pod Ice Cream and Lipstick Awarded CES 2021 Worst in Show
Expert panel awards dubious honors to 2021 Consumer Electronics Show’s biggest flops, including security and privacy failures.
This year’s Consumer Electronics Show was hampered by the pandemic, but that didn’t...
Connected Farms Easy Pickings for Global Food Supply-Chain Hack
John Deere security bugs could allow cyberattackers to damage crops, surrounding property or even people; impact harvests; or destroy farmland for years.
A group of hackers made an unnerving DEF...
Email Bug Allows Message Snooping, Credential Theft
A year-old proof-of-concept attack that allows an attacker to bypass TLS email protections to snoop on messages has been patched.
Researchers warn hackers can snoop on email messages by...
Fiserv Forgets to Buy Domain It Used as System Default
Fintech security provider Fiserv acknowledges it used unregistered domain as default email.
Fiserv, a multi-billion-dollar cybersecurity tech provider for financial institutions, forgot to buy the domain used as a...
