Security News

A security vulnerability discovered and patched 10 years ago has remained unaddressed in various Avaya phones until recently, McAfee security researchers have discovered.  read more

With so many threats and vulnerabilities to deal with, just knowing which actions you should prioritize can be hard. The new Threat & Vulnerability Management service from Microsoft should help.

A vulnerability addressed this week in the Kubernetes container orchestration system could allow users to read, modify or delete cluster-wide custom resources. read more

A critical SQL injection vulnerability exposed nearly one million financial records stored in a Starbucks enterprise database, a researcher revealed this week. read more

Flexera, the software company that helps organizations realize technology’s power to accelerate their business, releases an add-on module for its popular Software Vulnerability Manager – Vendor...

Cybersecurity vulnerabilities continue to increase, and automated scanners can't always detect the most critical ones, according to Bugcrowd.

Internet-connected devices powered by VxWorks 6.5 and newer are affected by a vulnerability that allows remote attackers full control over targeted devices.

A security hole affecting the free and open source ProFTPD file transfer protocol (FTP) server can be exploited to copy files to vulnerable servers and possibly execute arbitrary code. read more

A critical remote code execution vulnerability has been found and patched in Palo Alto Networks’ GlobalProtect product. read more

The latest edition of the ISMG Security Report describes the accidental discovery of a Tesla software vulnerability. Also featured: an analysis of the latest ransomware trends and insights from...