Security researchers have discovered three Unified Extensible Firmware Interface vulnerabilities impacting more than 100 different models of Lenovo consumer laptops that could allow attackers to deploy and execute malware. According to Slovakia-based cybersecurity firm ESET, two of the discovered firmware bugs affect UEFI firmware drivers originally designed to only be used during the manufacturing process […]
Security analysts at Skybox Security uncovered a 42% increase in new ransomware programs targeting known vulnerabilities last year, including critical vulnerabilities discovered in Log4j and Exchange Server. The San Jose, Calif. cybersecurity company’s 2022 Vulnerability and Trends Report, released this week, details how quickly hackers capitalize on new security bugs and continue to reduce the […]
Google has addressed the reasons for all of the Zero Days discovered in Chrome recently, citing more vendor transparency, evolved attacker focus, the increased use of vulnerabilities in attacks and the increasing complexity of software. According Project Zero, Google’s vulnerability reporting entity, there have been 25 zero day vulnerabilities in Google Chrome since 2014, including […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has been extremely active in helping both the public sector and private sector respond to cybersecurity threats, and is often one of the leading voices when new threats emerge. The agency, part of DHS, has released guides, advisories and other resources on current and historical threats, and […]
Tenable’s 2021 Threat landscape retrospective report looks back at year unlike any other. Dozens of groups, like REvil, Conti, DarkSide and more, dominated the headlines and continued to wreak havoc across a wide range of industries. Tenable’s research team noted a surge in ransomware attacks, data breaches, zero-days and much more in 2021. Top vulnerabilities […]
Google is releasing a Chrome security update for Windows, Mac and Linux that contains fixes for 37 vulnerabilities. Fixes for the updates are included in Chrome 97.0.4692.7, which the company says will roll out over the coming days and weeks. Of the 37 security bugs, one is rated as critical—a use after free flaw in […]
Microsoft is urging Active Directory administrators to apply November patches for a pair of tricky domain service privilege escalation vulnerabilities after a proof-of-concept tool leveraging them was publicly disclosed. According to the company, an attacker can combine the two bugs (CVE-2021-42287 and CVE-2021-42278) to “create a straightforward path to a Domain Admin user in an […]
IT admins of Microsoft systems have 55 new vulnerabilities to patch this month after the company issued its patches for November this week, including two that are currently under active exploitation and six rated as critical. November’s Patch Tuesday releases fix security flaws in Microsoft products such as Azure, Azure RTOS, Azure Sphere, Microsoft Dynamics, […]
Brizy Page Builder, a popular WordPress plugin known as one of the best website builders for non-techies has known vulnerabilities, which could lead to the potential compromise of thousands of WordPress websites. Researchers at Security firm Wordfence stumbled upon the Brizy Page Builder vulnerabilities during a routine review of its firewall rules. The company discovered […]
Google is pushing out emergency Chrome updates after two zero-day vulnerabilities have been exploited by attackers.
FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets
View all Guides
Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.
Enter Today!