Lenovo Patches Intel Firmware Flaws in Multiple Product Lines
Lenovo has issued patches for several serious vulnerabilities in its products stemming from Intel technology fixes.
Alerts
Unpatched Fujitsu Wireless Keyboard Bug Allows Keystroke Injection
An unpatched high-severity vulnerability allows keystroke injections in Fujitsu wireless keyboards.
Threatlist: IMAP-Based Attacks Compromising Accounts at ‘Unprecedented Scale’
Attackers are increasingly targeting insecure legacy protocols, like IMAP, to avoid running into multi-factor authentication in password-spraying campaigns.
Zero-Days in Counter-Strike Client Used to Build Major Botnet
A full 39 percent of Counter-Strike 1.6 game servers on Steam were found to be malicious.
Cisco Patches Critical ‘Default Password’ Bug
Vulnerability allows adversaries to access monitoring system used for gathering info on operating systems and hardware.
GlitchPOS Malware Appears to Steal Credit-Card Numbers
A new malware targeting point of sale systems, GlitchPOS, has been spotted on a crimeware forum.
Insider Threats Get Mean, Nasty and Very Personal
Increasingly, attackers are targeting the most vulnerable people inside companies and exploiting their weaknesses.
Purveyor of Cracked Netflix, Hulu, Spotify Accounts Arrested
A Sydney man is accused of selling nearly 1 million compromised accounts, for a significant profit.
Intel Windows 10 Graphics Drivers Riddled With Flaws
Intel has patched several high-severity vulnerabilities in its graphics drivers for Windows 10, which could lead to code execution.
MAGA ‘Safe Space’ App Developer Threatens Security Researcher
The mobile app, dubbed a "Yelp for Conservatives," was found with an open API leaking reams of user data.
Three Ways DNS is Weaponized and How to Mitigate the Risk
Why are hackers using the DNS infrastructure against us? The answer is more complex than you might think.
Threat Groups SandCat, FruityArmor Exploiting Microsoft Win32k Flaw
Newly patched CVE-2019-0797 is being actively exploited by two APTs, FruityArmor and SandCat.
Federal Focus on Cyber Plays Out in President’s Budget, IoT Legislation
Money earmarked for the Defense Department and DHS, and bipartisan bills to address the security of federal IoT devices, showcase growing federal cyber-efforts.
Microsoft Patches Two Win32k Bugs Under Active Attack
Microsoft's March Patch Tuesday updates include 64 fixes, 17 of which are rated critical.
ThreatList: Phishing Attacks Doubled in 2018
Scammers used both older, tested-and-true phishing tactics in 2018 - but also newer tricks, such as fresh distribution methods, according to a new report.
Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes
Microsoft won't be patching the bug, but a proof of concept shows the potential for successful malware implantation.
Adobe Patches Critical Photoshop, Digital Edition Flaws
Adobe fixed two arbitrary code execution flaws in its Photoshop and Digital Edition products.
Researcher Claims Iranian APT Behind 6TB Data Heist at Citrix
IRIDIUM is an APT that uses proprietary techniques to bypass two-factor authentication for critical applications, according to security firm Resecurity.
Google Patches Critical Bluetooth RCE Bug
In all, Google reported 45 bugs in its March update with 11 ranked critical and 33 rated high.
Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks
In this video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises.
The First Stop For Security News
Subscribe to Alerts feed
0732150500/7, 0703044000/7
KENET WEBSITE
