Cisco today disclosed a zero-day vulnerability with proof-of-concept attack code publicly accessible in the Cisco AnyConnect Secure Mobility Client software. While security patches for this arbitrary code execution flaw are still not available, Cisco is working to resolve the zero-day issue, with a patch coming in a future version of Continue Reading
A zero-day vulnerability in the Windows operating system that is reportedly under active exploitation has been recently revealed by security researchers from Google. According to Ben Hawkes, team lead for Project Zero, Google’s elite vulnerability research team, the zero-day is supposed to be patched on November 10, which is the Continue Reading
On Thursday, the US National Security Agency has published a comprehensive report detailing the top 25 flaws that are currently being steadily scanned, targeted, and misused by Chinese state-sponsored hacking organizations. All 25 security flaws are widely known and have fixes available from their vendors, ready set to be installed. Continue Reading
For an important new bug that was revealed on Wednesday, nearly 800,000 internet-accessible SonicWall VPN appliances will need to be updated and fixed. CVE-2020-5135, which was discovered by the Tripwire VERT security team, affects SonicOS, the operating system running on SonicWall Network Security Appliance (NSA) devices. They are used as Continue Reading
Taiwanese vendor QNAP has urged its customers to update the firmware and apps installed on NAS devices to avoid AgeLocker ransomware infections. Security experts have warned that encoded files can’t be recovered without paying the ransom to the ransomware operators. It’s observed that the new strain of ransomware is targeting Continue Reading
By