Security News

Enterprise servers powered by Supermicro motherboards can remotely be compromised by virtually plugging in malicious USB devices, cybersecurity researchers at firmware security company Eclypsium...

Google on Thursday published detailed information on five iOS exploit chains, one of which has been used to remotely hack iPhones for at least two years.  read more

Make sure you're not deploying containers based on vulnerable images by scanning those images with Harbor.

A researcher has disclosed the details and created Metasploit modules for Cisco UCS vulnerabilities that can be exploited to take complete control of affected systems. read more

Risk Based Security reported today that VulnDB aggregated 11,092 vulnerabilities with disclosure dates during the first half of 2019, with CVE/NVD falling behind by 4,332 entries, according to...

It's always nice when I can combine squid and security: Multiple versions of the Squid web proxy cache server built with Basic Authentication features are currently vulnerable to code execution...

Software updates released by Kubernetes this week address HTTP/2 implementation vulnerabilities that were disclosed earlier this month.  read more

A recently observed variant of the Asruex backdoor acts as an infector by targeting old vulnerabilities in Microsoft Office and Adobe Reader and Acrobat 9.x, Trend Micro reports.  read more

The overall number of reported vulnerabilities in the first half of 2019 has dropped slightly from last year, but risks remain high, according to Risk Based Security.

Cisco just issued some urgent patching homework in the form of 31 security fixes, 4 of them for flaws rated ‘critical’.