IT admins of Microsoft systems have 55 new vulnerabilities to patch this month after the company issued its patches for November this week, including two that are currently under active exploitation and six rated as critical. November’s Patch Tuesday releases fix security flaws in Microsoft products such as Azure, Azure RTOS, Azure Sphere, Microsoft Dynamics, […]
Brizy Page Builder, a popular WordPress plugin known as one of the best website builders for non-techies has known vulnerabilities, which could lead to the potential compromise of thousands of WordPress websites. Researchers at Security firm Wordfence stumbled upon the Brizy Page Builder vulnerabilities during a routine review of its firewall rules. The company discovered […]
Google is pushing out emergency Chrome updates after two zero-day vulnerabilities have been exploited by attackers.
The IoT has long been thought to be full of gaping vulnerabilities for attackers to exploit, and it’s now becoming a reality as two recently vulnerability disclosures say millions of IoT devices could be at risk and allow attackers to spy on organizations or completely control affected devices. IoT Inspector was the first to disclose […]
A pair of new reports from Risk Based Security find that disclosed software and hardware vulnerabilities continue to increase while reported data breaches in most parts of the world decline. For IT administrators struggling to keep pace with the rapid changes in cybersecurity, the reports provide some useful insight into exactly what you’re up against. […]
Cybercriminals will look for any way into your networks, including phishing, brute force, supply chain attacks and software vulnerabilities, with the latter being especially dangerous since they’re built into software that we’re supposed to trust. They can be easy to find and exploit, allowing bad actors to take over an entire system, exfiltrate data and […]
Microsoft has been busy issuing software security patches over the last few weeks, including an emergency fix to resolve the PrintNightmare vulnerability and 117 fixes as part of its monthly security patch release. The volume of fixes this month is more than the last two months combined, but is on par with the monthly totals […]
Zoom has officially become a CVE Numbering Authority, meaning the company can assign identification numbers to new vulnerabilities and publish information related to those vulnerabilities. The company joins the CVE Program, an international community-based effort to identify, define and catalog publicly disclosed cybersecurity vulnerabilities that require third-party notification or coordination to remediate, Zoom said in […]