Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks. [...]
https://www.bleepingcomputer.com/news/security/linux-kernel-prior-to-508-vulnerable-to-remote-code-execution/
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks. [...]
https://www.bleepingcomputer.com/news/security/linux-kernel-prior-to-508-vulnerable-to-remote-code-execution/
BleepingComputer
Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks.
Sensitive Information of Millions of Panama Citizens Leaked
An unprotected Elasticsearch cluster exposed 3,427,396 records containing sensitive personal information on Panama citizens with "patient" labels, together with another 468,086 records labeled as test patients. [...]
https://www.bleepingcomputer.com/news/security/sensitive-information-of-millions-of-panama-citizens-leaked/
An unprotected Elasticsearch cluster exposed 3,427,396 records containing sensitive personal information on Panama citizens with "patient" labels, together with another 468,086 records labeled as test patients. [...]
https://www.bleepingcomputer.com/news/security/sensitive-information-of-millions-of-panama-citizens-leaked/
BleepingComputer
Sensitive Information of Millions of Panama Citizens Leaked
An unprotected Elasticsearch cluster exposed 3,427,396 records containing sensitive personal information on Panama citizens with "patient" labels, together with another 468,086 records labeled as test patients.
New Details Emerge of Fxmsp's Hacking of Antivirus Companies
It is difficult to fathom that a threat actor may be able to breach the networks of a reputed security company. Yet, this is not only possible but also happened in the past; and it is not far-fetched to believe that it is the case with at least three antivirus makers, as reported by BleepingComputer earlier this week. [...]
https://www.bleepingcomputer.com/news/security/new-details-emerge-of-fxmsps-hacking-of-antivirus-companies/
It is difficult to fathom that a threat actor may be able to breach the networks of a reputed security company. Yet, this is not only possible but also happened in the past; and it is not far-fetched to believe that it is the case with at least three antivirus makers, as reported by BleepingComputer earlier this week. [...]
https://www.bleepingcomputer.com/news/security/new-details-emerge-of-fxmsps-hacking-of-antivirus-companies/
BleepingComputer
New Details Emerge of Fxmsp's Hacking of Antivirus Companies
It is difficult to fathom that a threat actor may be able to breach the networks of a reputed security company. Yet, this is not only possible but also happened in the past; and it is not far-fetched to believe that it is the case with at least three antivirusβ¦
New Game Boy Emulator Has a Remote 'Cloud Gaming' Mode
A new Game Boy emulator written in Go has been released that offers the interesting ability of making your games accessible over the Internet using Telnet. While the online games are rendered using ANSI and are not as visually appealing, it illustrates how emulator developers can extend their features to the Internet. [...]
https://www.bleepingcomputer.com/news/gaming/new-game-boy-emulator-has-a-remote-cloud-gaming-mode/
A new Game Boy emulator written in Go has been released that offers the interesting ability of making your games accessible over the Internet using Telnet. While the online games are rendered using ANSI and are not as visually appealing, it illustrates how emulator developers can extend their features to the Internet. [...]
https://www.bleepingcomputer.com/news/gaming/new-game-boy-emulator-has-a-remote-cloud-gaming-mode/
BleepingComputer
New Game Boy Emulator Has a Remote 'Cloud Gaming' Mode
A new Game Boy emulator written in Go has been released that offers the interesting ability of making your games accessible over the Internet using Telnet. While the online games are rendered using ANSI and are not as visually appealing, it illustrates howβ¦
U.S. Govt Issues Microsoft Office 365 Security Best Practices
The Cybersecurity and Infrastructure Security Agency (CISA) issued a set of best practices designed to help organizations to mitigate risks and vulnerabilities associated with migrating their email services to Microsoft Office 365. [...]
https://www.bleepingcomputer.com/news/security/us-govt-issues-microsoft-office-365-security-best-practices/
The Cybersecurity and Infrastructure Security Agency (CISA) issued a set of best practices designed to help organizations to mitigate risks and vulnerabilities associated with migrating their email services to Microsoft Office 365. [...]
https://www.bleepingcomputer.com/news/security/us-govt-issues-microsoft-office-365-security-best-practices/
BleepingComputer
U.S. Govt Issues Microsoft Office 365 Security Best Practices
The Cybersecurity and Infrastructure Security Agency (CISA) issued a set of best practices designed to help organizations to mitigate risks and vulnerabilities associated with migrating their email services to Microsoft Office 365.
Linksys Smart Wi-Fi Routers Leak Info of Connected Devices
More than 25,000 Linksys Smart Wi-Fi routers are currently impacted by an information disclosure vulnerability which allows remote and unauthenticated access to a vast array of sensitive device information. [...]
https://www.bleepingcomputer.com/news/security/linksys-smart-wi-fi-routers-leak-info-of-connected-devices/
More than 25,000 Linksys Smart Wi-Fi routers are currently impacted by an information disclosure vulnerability which allows remote and unauthenticated access to a vast array of sensitive device information. [...]
https://www.bleepingcomputer.com/news/security/linksys-smart-wi-fi-routers-leak-info-of-connected-devices/
BleepingComputer
Linksys Smart Wi-Fi Routers Leak Info of Connected Devices
More than 25,000 Linksys Smart Wi-Fi routers are currently impacted by an information disclosure vulnerability which allows remote and unauthenticated access to a vast array of sensitive device information.
Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond
A report last week about Fxmsp hacker group claiming access to the networks and source code of three antivirus companies with offices in the U.S. generated from alleged victims statements that are disputed by the firm that sounded the alarm. [...]
https://www.bleepingcomputer.com/news/security/fxmsp-chat-logs-reveal-the-hacked-antivirus-vendors-avs-respond/
A report last week about Fxmsp hacker group claiming access to the networks and source code of three antivirus companies with offices in the U.S. generated from alleged victims statements that are disputed by the firm that sounded the alarm. [...]
https://www.bleepingcomputer.com/news/security/fxmsp-chat-logs-reveal-the-hacked-antivirus-vendors-avs-respond/
BleepingComputer
Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond
A report last week about Fxmsp hacker group claiming access to the networks and source code of three antivirus companies with offices in the U.S. generated statements from alleged victims that are disputed by the firm that sounded the alarm.
Adobe Says Upgrade Creative Cloud Apps or Risk 3rd Party Claims
On May 8th, 2019, Creative Cloud users have started receiving emails from Adobe stating that older versions of the products they are using have been discontinued and that users are no longer licensed to use them. For many of these developers, this not a reasonable request as they need to utilize older versions for certain projects. [...]
https://www.bleepingcomputer.com/news/software/adobe-says-upgrade-creative-cloud-apps-or-risk-3rd-party-claims/
On May 8th, 2019, Creative Cloud users have started receiving emails from Adobe stating that older versions of the products they are using have been discontinued and that users are no longer licensed to use them. For many of these developers, this not a reasonable request as they need to utilize older versions for certain projects. [...]
https://www.bleepingcomputer.com/news/software/adobe-says-upgrade-creative-cloud-apps-or-risk-3rd-party-claims/
BleepingComputer
Adobe Says Upgrade Creative Cloud Apps or Risk 3rd Party Claims
On May 8th, 2019, Creative Cloud users have started receiving emails from Adobe stating that older versions of the products they are using have been discontinued and that users are no longer licensed to use them. For many of these developers, this not a reasonableβ¦
Google Chrome Offers a Glimpse of it's Upcoming Settings Screen
In the latest Chrome Nightly build, Google is finally giving in and putting a fixed left-hand navigation bar in the browser's Settings page. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-offers-a-glimpse-of-its-upcoming-settings-screen/
In the latest Chrome Nightly build, Google is finally giving in and putting a fixed left-hand navigation bar in the browser's Settings page. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-offers-a-glimpse-of-its-upcoming-settings-screen/
BleepingComputer
Google Chrome Offers a Glimpse of it's Upcoming Settings Screen
In the latest Chrome Nightly build, Google is finally giving in and putting a fixed left-hand navigation bar in the browser's Settings page.
Hackers Access Over 461,000 Accounts in Uniqlo Data Breach
Fast Retailing, the company behind multiple Japanese retail brands, announced that the UNIQLO Japan and GU Japan online stores have been hacked and third parties accessed 461,091 customer accounts following a credential stuffing attack. [...]
https://www.bleepingcomputer.com/news/security/hackers-access-over-461-000-accounts-in-uniqlo-data-breach/
Fast Retailing, the company behind multiple Japanese retail brands, announced that the UNIQLO Japan and GU Japan online stores have been hacked and third parties accessed 461,091 customer accounts following a credential stuffing attack. [...]
https://www.bleepingcomputer.com/news/security/hackers-access-over-461-000-accounts-in-uniqlo-data-breach/
BleepingComputer
Hackers Access Over 461,000 Accounts in Uniqlo Data Breach
Fast Retailing, the company behind multiple Japanese retail brands, announced that the UNIQLO Japan and GU Japan online stores have been hacked and third parties accessed 461,091 customer accounts following a credential stuffing attack.
Keyloggers Injected in Web Trust Seal Supply Chain Attack
Hackers compromised the script used by Best of the Web to display their trust seal on their customers' websites and to add two key logging scripts designed to sniff keystrokes from visitors. [...]
https://www.bleepingcomputer.com/news/security/keyloggers-injected-in-web-trust-seal-supply-chain-attack/
Hackers compromised the script used by Best of the Web to display their trust seal on their customers' websites and to add two key logging scripts designed to sniff keystrokes from visitors. [...]
https://www.bleepingcomputer.com/news/security/keyloggers-injected-in-web-trust-seal-supply-chain-attack/
BleepingComputer
Keyloggers Injected in Web Trust Seal Supply Chain Attack
Hackers compromised the script used by Best of the Web to display their trust seal on their customers' websites and to add two key logging scripts designed to sniff keystrokes from visitors.
Microsoft Fixes Critical Remote Desktop Flaw, Blocks Worm Malware
Microsoft patched today a critical Remote Code Execution vulnerability found in the Remote Desktop Services platform which can allow malicious actors to create malware designed to propagate between computers running vulnerable RDS installations. [...]
https://www.bleepingcomputer.com/news/security/microsoft-fixes-critical-remote-desktop-flaw-blocks-worm-malware/
Microsoft patched today a critical Remote Code Execution vulnerability found in the Remote Desktop Services platform which can allow malicious actors to create malware designed to propagate between computers running vulnerable RDS installations. [...]
https://www.bleepingcomputer.com/news/security/microsoft-fixes-critical-remote-desktop-flaw-blocks-worm-malware/
BleepingComputer
Microsoft Fixes Critical Remote Desktop Flaw, Blocks Worm Malware
Microsoft patched today a critical Remote Code Execution vulnerability found in the Remote Desktop Services platform which can allow malicious actors to create malware designed to propagate between computers running vulnerable RDS installations.
New RIDL and Fallout Attacks Impact All Modern Intel CPUs
Multiple security researchers have released details about a new class of speculative attacks against all modern Intel processors. The attacks are different from and more dangerous than Meltdown and Spectre and their variations because they can leak data from CPU buffers, which is not necessarily present in caches. [...]
https://www.bleepingcomputer.com/news/security/new-ridl-and-fallout-attacks-impact-all-modern-intel-cpus/
Multiple security researchers have released details about a new class of speculative attacks against all modern Intel processors. The attacks are different from and more dangerous than Meltdown and Spectre and their variations because they can leak data from CPU buffers, which is not necessarily present in caches. [...]
https://www.bleepingcomputer.com/news/security/new-ridl-and-fallout-attacks-impact-all-modern-intel-cpus/
BleepingComputer
New RIDL and Fallout Attacks Impact All Modern Intel CPUs
Multiple security researchers have released details about a new class of speculative attacks against all modern Intel processors. The attacks are different from and more dangerous than Meltdown and Spectre and their variations because they can leak data fromβ¦
Security Updates Released for Adobe Flash Player and Media Encoder
Adobe has published their monthly Patch Tuesday updates for the month of May 2019. These updates includes fixes for two vulnerabilities in Adobe Media Encoder and one in Adobe Flash Player. [...]
https://www.bleepingcomputer.com/news/security/security-updates-released-for-adobe-flash-player-and-media-encoder/
Adobe has published their monthly Patch Tuesday updates for the month of May 2019. These updates includes fixes for two vulnerabilities in Adobe Media Encoder and one in Adobe Flash Player. [...]
https://www.bleepingcomputer.com/news/security/security-updates-released-for-adobe-flash-player-and-media-encoder/
BleepingComputer
Security Updates Released for Adobe Flash Player and Media Encoder
Adobe has published their monthly Patch Tuesday updates for the month of May 2019. These updates includes fixes for two vulnerabilities in Adobe Media Encoder and one in Adobe Flash Player.
Microsoft Releases May 2019 Office Updates With Security Fixes
Microsoft released the May 2019 Office Update today, which consists of 9 security updates and 25 non-security updates. As some of the Microsoft Office security updates resolve critical vulnerabilities, it is strongly advised to install them as soon as possible. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-may-2019-office-updates-with-security-fixes/
Microsoft released the May 2019 Office Update today, which consists of 9 security updates and 25 non-security updates. As some of the Microsoft Office security updates resolve critical vulnerabilities, it is strongly advised to install them as soon as possible. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-may-2019-office-updates-with-security-fixes/
BleepingComputer
Microsoft Releases May 2019 Office Updates With Security Fixes
Microsoft released the May 2019 Office Update today, which consists of 9 security updates and 25 non-security updates. As some of the Microsoft Office security updates resolve critical vulnerabilities, it is strongly advised to install them as soon as possible.
Windows 10 May 2019 Cumulative Updates Released With Fixes
Microsoft has just released new cumulative updates for Windows 10 version 1903, version 1809 and version 1803 as part of the monthly Patch Tuesday cycle. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-may-2019-cumulative-updates-released-with-fixes/
Microsoft has just released new cumulative updates for Windows 10 version 1903, version 1809 and version 1803 as part of the monthly Patch Tuesday cycle. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-may-2019-cumulative-updates-released-with-fixes/
BleepingComputer
Windows 10 May 2019 Cumulative Updates Released With Fixes
Microsoft has just released new cumulative updates for Windows 10 version 1903, version 1809 and version 1803 as part of the monthly Patch Tuesday cycle.
Microsoft's May 2019 Patch Tuesday Fixes 79 Vulnerabilities
Today is Microsoft's May 2019 Patch Tuesday, which means Windows admins are pouring themselves a drink (maybe two) and getting ready ti pull their hair out while testing the new patches and security updates released by Microsoft. Included in this month's updates are fixes for publicly disclosed or exploited vulnerabilities. [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-may-2019-patch-tuesday-fixes-79-vulnerabilities/
Today is Microsoft's May 2019 Patch Tuesday, which means Windows admins are pouring themselves a drink (maybe two) and getting ready ti pull their hair out while testing the new patches and security updates released by Microsoft. Included in this month's updates are fixes for publicly disclosed or exploited vulnerabilities. [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-may-2019-patch-tuesday-fixes-79-vulnerabilities/
BleepingComputer
Microsoft's May 2019 Patch Tuesday Fixes 79 Vulnerabilities
Today is Microsoft's May 2019 Patch Tuesday, which means Windows admins are pouring themselves a drink (maybe two) and getting ready ti pull their hair out while testing the new patches and security updates released by Microsoft. Included in this month'sβ¦
Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4499164 & KB4499151
Microsoft is rolling out new cumulative updates to Windows 10 versions with security fixes and improvements. Microsoft has also released the May 2019 patches to users with Windows 7 and Windows 8.1 device. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-7-and-81-cumulative-updates-kb4499164-and-kb4499151/
Microsoft is rolling out new cumulative updates to Windows 10 versions with security fixes and improvements. Microsoft has also released the May 2019 patches to users with Windows 7 and Windows 8.1 device. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-7-and-81-cumulative-updates-kb4499164-and-kb4499151/
BleepingComputer
Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4499164 & KB4499151
Microsoft is rolling out new cumulative updates to Windows 10 versions with security fixes and improvements. Microsoft has also released the May 2019 patches to users with Windows 7 and Windows 8.1 device.
List of MDS Speculative Execution Vulnerability Advisories & Updates
Four new vulnerabilities have been discovered in Intel processors that can be exploited via speculative execution side-channel attacks called RIDL, Fallout, and ZombieLoad. These vulnerabilities allow attackers to steal passwords, cryptographic keys, or any other type of data to be loaded or stored in the memory of the CPU buffers. [...]
https://www.bleepingcomputer.com/news/security/list-of-mds-speculative-execution-vulnerability-advisories-and-updates/
Four new vulnerabilities have been discovered in Intel processors that can be exploited via speculative execution side-channel attacks called RIDL, Fallout, and ZombieLoad. These vulnerabilities allow attackers to steal passwords, cryptographic keys, or any other type of data to be loaded or stored in the memory of the CPU buffers. [...]
https://www.bleepingcomputer.com/news/security/list-of-mds-speculative-execution-vulnerability-advisories-and-updates/
BleepingComputer
List of MDS Speculative Execution Vulnerability Advisories & Updates
Four new vulnerabilities have been discovered in Intel processors that can be exploited via speculative execution side-channel attacks called RIDL, Fallout, and ZombieLoad. These vulnerabilities allow attackers to steal passwords, cryptographic keys, or anyβ¦
Windows 10 Spectre 2 Mitigation Now Uses Retpoline By Default
If you currently have mitigations enabled for the Spectre Variant 2 (CVE-2017-5715) vulnerability, Microsoft has now enabled the Retpoline Spectre mitigation feature by default in Windows 10 version 1809 (October 2018 Update) for better performance. [...]
https://www.bleepingcomputer.com/news/security/windows-10-spectre-2-mitigation-now-uses-retpoline-by-default/
If you currently have mitigations enabled for the Spectre Variant 2 (CVE-2017-5715) vulnerability, Microsoft has now enabled the Retpoline Spectre mitigation feature by default in Windows 10 version 1809 (October 2018 Update) for better performance. [...]
https://www.bleepingcomputer.com/news/security/windows-10-spectre-2-mitigation-now-uses-retpoline-by-default/
BleepingComputer
Windows 10 Spectre 2 Mitigation Now Uses Retpoline By Default
If you currently have mitigations enabled for the Spectre Variant 2 (CVE-2017-5715) vulnerability, Microsoft has now enabled the Retpoline Spectre mitigation feature by default in Windows 10 version 1809 (October 2018 Update) for better performance.