News

Vulnerabilities: Latest news on security vulnerabilities, zero-day attacks, threat actors and system weaknesses in enterprise cybersecurity

The cybersecurity update from India and around the globe on latest IT vulnerabilities for information security professionals, researchers and technology leaders.  

CSO Feb 14th 2019 A-A+

________________

January 2019
________________
 

Indian bounty hunter exposes bug that made 400M Microsoft accounts easily hackableOT attacks

Skybox Security has announced the release of its latest Vulnerability and Threat Trends Report which analyzes the vulnerabilities, exploits and threats in play over the previous year. What stands out first from the data is the sheer volume of new vulnerabilities published in 2018.

OT attacks on the rise and cryptominers reign supreme: Report
 

 

 

Multi-vector attackscloud-multi-attack

A centralized patch management system for cloud assets is also needed, so that known critical vulnerabilities in various software components do not remain unpatched.

Multi-vector attacks target cloud-hosted technologies
 

________________

December 2018
________________
 

Indian bounty hunter exposes bug that made 400M Microsoft accounts easily hackableMicrosoft accounts

A Kerala-based bug bounty hunter, Sahad NK discovered a critical vulnerability in Microsoft’s login that made it possible to hack into anyone’s MS Office and Outlook account..

Indian bounty hunter exposes bug that made 400M Microsoft accounts easily hackable

 

 

 

Attackers will exploit emerging techAI

More vulnerabilities will be found in cloud infrastructure, such as containers, and weak cloud security measures will allow greater exploitation of accounts for cryptocurrency mining.

Cyber criminals to use AI to anticipate executive movements: Report

________________

November 2018
________________
 

Instagram security bug inadvertently exposed user passwordsInstagram security bug

Instagram’s ‘Download Your Data’ tool accidentally put user credentials at risk. What’s particularly worrisome though, is the possibility of Instagram storing passwords in plain text.

Instagram security bug inadvertently exposed user passwords

 

 

Should you do more to protect RDP?RDP

There are times when having a remote access service can truly add vulnerabilities to your system that you could not defend against using the defaults or best practices.

Experience an RDP attack? It’s your fault, not Microsoft’s

 

 

 

Cisco reveals vulnerability cisco-vulnerabilities

Cisco has revealed a vulnerability within two of its software that allows hackers to cause a denial of service (DoS), which is being actively exploited.

Cisco reveals vulnerabilities affecting eight of its products

 

 

 

Zero-day vulnerability in Windows 10windows-10

A security researcher unearthed a zero-day vulnerability in Microsoft Windows 10. And this one goes beyond altering system files – it actually deletes them.
 

Zero-day vulnerability with file-deleting capability found in Windows 10