Security news that informs and inspires

Archive

60 results for tag Vulnerability:

Exploits Circulating for Windows MSHTML Zero Day

Some proof-of-concept exploits have begun circulating for CVE-2021-40444 and no patch is yet available.

Microsoft, Vulnerability

Attackers Exploiting Critical Flaw in Zoho Password Management Tool

Attackers are exploiting an authentication bypass flaw in Zoho's ManageEngine ADSelfService Plus password management app.

Vulnerability

Apple Fixes MacOS Flaw Abused in XCSSET Malware Attacks

Researchers uncovered a flaw in macOS that could allow attackers to access permissions, like screen recording, on victim devices - without their approval.

Apple, Vulnerability, Malware, Zero Day

FragAttacks Bugs Plague Wi-Fi Devices

A set of implementation and design flaws have been uncovered in the 802.11 standard that underpins Wi-Fi.

Wifi, Mobile, Vulnerability

The Tightrope Walk of Vulnerability Disclosure Windows and Patch Adoption

Google Project Zero's recent tweaking of its vulnerability disclosure window reflects how researchers are taking into account patch adoption when mulling disclosure policies.

Vulnerability, Vulnerability Disclosure, Vulnerability Management, Google Project Zero