Newly discovered vulnerabilities could allow more persistent and destructive attacks on popular models of ATM and POS devices.
Stories by Lucian Constantin
The memory corruption flaws exist in a wide range of commercial and consumer devices, and can allow full takeover of them.
Attackers are taking advantage of the Covid-19 crisis to exploit pre-existing and newly introduced vulnerabilities across a wide range of attack points.
Microsoft issues a patch to fix a flaw that could allow compromised non-privileged user accounts to place malicious DLLs on a system.
If left unpatched, these SAP ASE vulnerabilities could give attackers full control of databases and servers.
Left unpatched, this command injection flaw could allow attackers to take control of a virtualised cloud infrastructure.
Some industries have seen increases in cloud-related threat events rise as much as 1,350 per cent since the Covid-19 crisis began.
A new report shows that Android mobile device manufacturers are getting better at patching the OS, but patching levels vary across models and vendors.
Undocumented cloud configuration changes, whether done by attackers or for legitimate business reasons, present a significant security threat.
Cisco and Palo Alto Networks have fixed similar high-risk authentication bypass vulnerabilities in their network security devices.
The rush to enable employees to work from home in response to Covid-19 resulted in more than 1.5 million new RDP servers being exposed to the internet.
Attackers are exploiting two critical vulnerabilities in the popular SaltStack infrastructure automation software to take control of servers.
Attackers continue to exploit people's fears about the Covid-19 pandemic to increase the success rate of malicious campaigns.
Google makes its internal zero-trust access infrastructure available to anyone on a subscription basis as an alternative to VPNs.
The sophisticated botnet also has high persistence and is capable of delivering different types of malware in addition to launching DDoS attacks.