Critical SonicWall NAC Vulnerability Stems from Apache Mods
Researchers offer more detail on the bug, which can allow attackers to completely take over targets. Continue reading Critical SonicWall NAC Vulnerability Stems from Apache Mods
Category Archives: Web Security
Millions of Routers Exposed to RCE by USB Kernel Bug
The high-severity RCE flaw is in the KCodes NetUSB kernel module, used by popular routers from Netgear, TP-Link, DLink, Western Digital, et al.
Continue reading Millions of Routers Exposed to RCE by USB Kernel Bug
URL Parsing Bugs Allow DoS, RCE, Spoofing & More
Dangerous security bugs stemming from widespread inconsistencies among 16 popular third-party URL-parsing libraries could affect a wide swath of web applications. Continue reading URL Parsing Bugs Allow DoS, RCE, Spoofing & More
Cyber-Spike: Orgs Suffer 925 Attacks per Week, an All-Time High
Cyberattacks increased 50 percent YoY in 2021 and peaked in December due to a frenzy of Log4j exploits, researchers found.
Continue reading Cyber-Spike: Orgs Suffer 925 Attacks per Week, an All-Time High
EoL Systems Stonewalling Log4j Fixes for Fed Agencies
End of life, end of support, pandemic-induced shipping delays and remote work, scanning failures: It’s a recipe for a patching nightmare, federal cyberserurity CTO Matt Keller says.
Continue reading EoL Systems Stonewalling Log4j Fixes for Fed Agencies
Cyberattackers Hit Data of 80K Fertility Patients
Fertility Centers of Illinois’ security measures protected electronic medical records, but the attackers still got at extremely intimate data in admin files. Continue reading Cyberattackers Hit Data of 80K Fertility Patients
QNAP: Get NAS Devices Off the Internet Now
There are active ransomware and brute-force attacks being launched against internet-exposed, network-attached storage devices, the device maker warned. Continue reading QNAP: Get NAS Devices Off the Internet Now
Activision Files Unusual Lawsuit over Call of Duty Cheat Codes
Activision is suing to shut down the EngineOwning cheat-code site and hold individual developers and coders liable for damages. Continue reading Activision Files Unusual Lawsuit over Call of Duty Cheat Codes
Google Voice Authentication Scam Leaves Victims on the Hook
The FBI is seeing so much activity around malicious Google Voice activity, where victims are associated with fraudulent virtual phone numbers, that it sent out an alert this week. Continue reading Google Voice Authentication Scam Leaves Victims on the Hook
Attackers Exploit Flaw in Google Docs’ Comments Feature
A wave of phishing attacks identified in December targeting mainly Outlook users are difficult for both email scanners and victims to flag, researchers said.
Continue reading Attackers Exploit Flaw in Google Docs’ Comments Feature