Thousands of Unprotected RDP Servers Can Be Abused for DDoS Attacks

2021-01-22 12:03

Cybercriminals have been abusing unprotected servers running Microsoft’s Remote Desktop Protocol...

These Microsoft tools help you reduce, remove or lock down admin access to improve security

2021-01-22 11:08

The SolarWinds compromise means you can no longer put off privileged account management.

Bosses are using monitoring software to keep tabs on working at home. Privacy rules aren't keeping up

2021-01-22 10:26

Worker's union Prospect warned that the UK was at risk of 'sleepwalking into a world of...

Cloud Controls Matrix v4 adds 60+ new cloud security controls

2021-01-22 07:09

The Cloud Security Alliance (CSA) announced the availability of version 4 of the Cloud Controls...

It's 2021 and you can hijack a Cisco SD-WAN deployment with malicious IP traffic and a buffer overflow. Patch now

2021-01-22 07:04

And also fix up these other holes that can be exploited via HTTP requests, SQL injection, etc...

Bolstering healthcare IT against growing security threats

2021-01-22 06:00

As the COVID-19 pandemic unfolds, healthcare organizations are scrambling to ensure the safety...

Retail and hospitality sector fixing software flaws at a faster rate than others

2021-01-22 05:30

The retail and hospitality sector is fixing software flaws at a faster rate than five other...

Vulnerabilities by Risk level (Last 12 months)

Risk level Last 12 months #
Critical 1618
High 2977
Medium 11653
Low 2868

Vulnerabilities by Vendor (Last 12 months)

Vendor Last 12 months #
Microsoft 1415
Google 1292
Oracle 828
Cisco 639
Netgear 631

Latest Vulnerabilities

  • CVE-2020-8570

    0.0

    Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a...

  • CVE-2020-8569

    0.0

    Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing...

  • CVE-2020-8568

    0.0

    Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem...

  • CVE-2020-8567

    0.0

    Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted...

  • CVE-2020-8554

    0.0

    Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an...

Latest Critical Vulnerabilities