New GoFetch Vulnerability in Apple’s M Chips Allows Secret Keys Leak on Compromised Computers

The GoFetch vulnerability, which affects Apple’s M series of chips, allows an attacker to steal secret keys from the Mac under certain conditions. Read tips on mitigating the GoFetch security threat. Continue reading New GoFetch Vulnerability in Apple’s M Chips Allows Secret Keys Leak on Compromised Computers

New Ivanti Secure VPN Zero-Day Vulnerabilities and Patches

Read details about the new Ivanti VPN zero-day vulnerabilities, along with the latest information about patches. Most of the exposed VPN appliances are reported to be in the U.S., followed by Japan and Germany. Continue reading New Ivanti Secure VPN Zero-Day Vulnerabilities and Patches

How to add the Docker Scout feature to the Docker CLI

In this TechRepublic How to Make Tech Work tutorial, Jack Wallen shows you how to add the Docker Scout feature to the Docker CLI.
The post How to add the Docker Scout feature to the Docker CLI appeared first on TechRepublic.
Continue reading How to add the Docker Scout feature to the Docker CLI

Phishing from threat actor TA473 targets US and NATO officials

These phishing campaigns are exploiting a Zimbra vulnerability and affecting internet-facing webmail services. Learn how to protect your organization from this security threat.
The post Phishing from threat actor TA473 targets US and NATO officials app… Continue reading Phishing from threat actor TA473 targets US and NATO officials

Developer Education: Learning to Secure Code on Demand

Scanning your code base frequently to discover security risk early in development gives engineers more time time to address issues. But security risk is a challenging issue and most developers need more than just time.
Consider:

Over 60% of identified… Continue reading Developer Education: Learning to Secure Code on Demand

Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover

Two security vulnerabilities — one a privilege-escalation problem and the other a stored XSS bug — afflict a WordPress plugin with 40,000 installs. Continue reading Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover

RDP Attacks on the Rise During COVID-19 Pandemic

Enterprises forced to pivot to remote work environments in the wake of the COVID-19 pandemic may have exposed themselves to the potential for remote desktop protocol (RDP) attacks. When global lockdowns were initiated in early 2020, most organizations… Continue reading RDP Attacks on the Rise During COVID-19 Pandemic

‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices

A new set of vulnerabilities has been discovered affecting millions of routers and IoT and OT devices from more than 150 vendors, new research warns. Continue reading ‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices

Electronic Medical Records Cracked Open by OpenClinic Bugs

Four security vulnerabilities in an open-source medical records management platform allow remote code execution, patient data theft and more. Continue reading Electronic Medical Records Cracked Open by OpenClinic Bugs