Search Results For: cvss

If you own a Western Digital My Book Live, unplug it from the internet as soon as possible. WD has reported that people have been waking up to find their My Book Live devices completed wiped of installed data due to malicious software performing a factory reset. On June 23rd, WD Community Forum user sunpeak made a... Read more...
Security researchers have sounded the alarm on four BIOS vulnerabilities affecting 129 different Dell models, including various laptop and desktop systems, as well as some tablets. In total, it is estimated that around 30 million Dell systems are susceptible to the vulnerabilities and should be patched right away... Read more...
Yesterday was Microsofts routine Patch Tuesday release, which tackled quite a few vulnerabilities, 55 to be exact. Though this may seem like a lot, it is actually the smallest update from the company since 2020, but it does take care of some big problems. This includes a rather worrisome wormable HTTP protocol-stack... Read more...
Dell is one of the most popular PC brands globally, selling millions of laptops, desktops, and server systems to everyday consumers and businesses alike each year. However, SentinelLabs researchers warned this week that five critical security flaws have been lurking in its firmware update driver since the early days... Read more...
In January, Google warned security researchers about sneaky social engineering and hacking attempts coming from North Korea. Originally, the Google Threat Analysis Group (TAG), and other researchers found that the North Korean hackers blog compromised anyone who visited the website. Now, Microsoft has patched the... Read more...
While vulnerabilities crop up regularly, people need to be on the lookout, and developers need to patch their programs for everyones benefit. When a developer neglects this responsibility, people and information are left at risk. Back in August, a vulnerability that allowed a local attack and code execution on an... Read more...
A new Bluetooth security vulnerability has appeared, and this time Linux is under the gun. Andy Nguyen, an information security researcher, discovered the vulnerabilities. They are collectively known as BleedingTooth, which allows for zero-click remote code execution on Linux devices within Bluetooth range. The code... Read more...
There is a very good reason why the Department of Homeland Security recently issued an emergency directive to federal agencies to patch their Windows Servers against Zerologon. Just five days after the directive, Microsoft confirmed on Twitter that Zerologon is actively being exploited by hackers. "Microsoft is... Read more...
Earlier in the week, we reported on a dangerous exploit with Windows domain controllers called Zerologon. Now, the Cybersecurity and Infrastructure Security Agency (CISA), under the Department of Homeland Security direction, is issuing warnings about the exploit and is pushing government agencies to patch the... Read more...
Secura digital security advisors and researchers, have discovered a highly critical vulnerability with Active Directory domain controllers. Rated as a 10 of 10 on the Common Vulnerability Scoring System (CVSS), this exploit, dubbed Zerologon, allows nefarious people to take over the domain controller and... Read more...
Microsoft's July 2020 Patch Tuesday release has fixes for over 120 security vulnerabilities found in a dozen of its software products. This is typically the case with Patch Tuesday releases, but there is one vulnerability in particular that you should pay close attention to. Microsoft has announced that it released... Read more...
Quick, sound the alarms, GeForce Experience is fatally flawed and we're all doomed. DOOMED, I tell you! Just kidding (I may have had too much coffee this morning)the flaw is not fatal, and we're not doomed. However, NVIDIA really is pushing out a security update to patch a vulnerability in GeForce Experience that... Read more...
Intel has posted a security advisory saying that several of its desktop and mobile processors are susceptible to a vulnerability that could allow an attacker to alter a CPU's voltage and frequency. The goal for an attacker would be to use the exploit to swipe data from within a secured area of the CPU known as Intel... Read more...
Not long after Microsoft issued a bevy of security updates for its products during Patch Tuesday, Intel is holding its own "patch party" for its hardware and software products. Products affected includeIntel's lineup of NUC mini PCsand Compute Sticks along with a few of its software utilities. On the NUC front... Read more...
If you have an NVIDIA GPU in your Windows rig like the newSuper family of GeForce RTXgraphics cards -- now might be a good time to update your graphics driver to the latest version. NVIDIA has pushed out a new update for its graphics drivers that address a total of five security issues within Windows. The least... Read more...
Sometimes it feels as though nary a day goes by without someone sounding the alarm on a new security vulnerability. More recently, there has been a lot of hoopla over side-channel exploits, such as Spectre and Meltdown, and various other variants. Here is another one to add to your mental catalog of... Read more...
There are two main trains of thought when it comes to updating drivers. One is to always install them right away to ensure you are protected from the latest threats, and that everything is working as intended. The second is to wait a bit to make sure there are not any unintended side effects, like sending your system... Read more...
If you thoughtSpectre and Meltdownwere bad, there are new exploits that have the potential to seriously compromise modern Intel processors. The latest class of exploits are called Foreshadow, and were was disclosed today by Intel via a blog post. The exploit involves Intel's Software Guard Extensions, which is better... Read more...
Do you use Java? If so, be aware that Oracle just released its "June 2013 Critical Update for Java SE," a collection of code that provides 40 new security fixes. All but three of them are security holes that can be exploited from a remote location without any kind of authentication. Four of the vulnerabilities affect client and server deployments,... Read more...
Not long ago, we learned of an issue that affects all systems running Flash. Although most users' minds automatically think of the vulnerabilities they could be exposed to on their PC, because the BlackBerry PlayBook supports flash, this tablet is also susceptible. For this reason, RIM is releasing a new version of the BlackBerry Tablet OS... Read more...