BleepingComputer
11K subscribers
41 photos
24.9K links
Latest news and stories from BleepingComputer.com

From a bleeping computer to a working computer.
Download Telegram
Critical 21Nails Exim bugs expose millions of servers to attacks

Newly discovered critical vulnerabilities in the Exim message transfer agent (MTA) software allow unauthenticated remote attackers to execute arbitrary code and gain root privilege on mail servers with default or common configurations. [...]

https://www.bleepingcomputer.com/news/security/critical-21nails-exim-bugs-expose-millions-of-servers-to-attacks/
VMware fixes critical RCE bug in vRealize Business for Cloud

VMware has released security updates to address a critical severity vulnerability in vRealize Business for Cloud that enables unauthenticated attackers to remotely execute malicious code on vulnerable servers. [...]

https://www.bleepingcomputer.com/news/security/vmware-fixes-critical-rce-bug-in-vrealize-business-for-cloud/
Qualcomm vulnerability impacts nearly 40% of all mobile phones

A high severity security vulnerability found in Qualcomm's Mobile Station Modem (MSM) chips (including the latest 5G-capable versions) could enable attackers to access mobile phone users' text messages, call history, and listen in on their conversations. [...]

https://www.bleepingcomputer.com/news/security/qualcomm-vulnerability-impacts-nearly-40-percent-of-all-mobile-phones/
New TsuNAME DNS bug allows attackers to DDoS authoritative DNS servers

Attackers can use a newly disclosed domain name server (DNS) vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service (DDoS) attacks targeting authoritative DNS servers. [...]

https://www.bleepingcomputer.com/news/security/new-tsuname-dns-bug-allows-attackers-to-ddos-authoritative-dns-servers/
Google wants to enable multi-factor authentication by default

Google strives to push all its users to start using two-factor authentication (2FA), which can block attackers from taking control of their accounts using compromised credentials or guessing their passwords. [...]

https://www.bleepingcomputer.com/news/security/google-wants-to-enable-multi-factor-authentication-by-default/