vulnerabilities

“Zyfwp,” an admin-level account with a hard-coded password, discovered in several networking devices made by ZyXel.

The CVE-2020-1472 vulnerability in the Netlogon protocol, aka Zerologon, lets attackers hijack domain controllers.

Our technologies prevented an attack. Expert analysis revealed the exploitation of two previously unknown vulnerabilities. What you need to know.

Microsoft has released a patch for a critical RCE vulnerability in Windows Server systems.

Israeli experts claim that hundreds of millions of IoT devices contain critical vulnerabilities — and that’s the most conservative estimate.

To ensure that a vulnerability disclosure doesn’t cause more problems than it solves, we recommend a few simple principles.

Microsoft has posted a security advisory about vulnerabilities in Adobe Type Manager Library, which are already being exploited by cybercriminals.

Microsoft has released a patch for newly discovered critical vulnerability CVE-2020-0796 in the network protocol SMB 3.1.1.

On this podcast, Dave and Jeff discuss Windows 7’s end of life, a bug in the Windows CryptoAPI revealed by the NSA, Las Vegas hit with a cyberattack, and more.

Thanks to independent security researchers, we’ve fixed several security issues, protecting customers automatically.

Our ICS CERT experts found 37 vulnerabilities in four VNC implementations. The developers have fixed most, but not all, of them.

Outsiders can penetrate your network through LAN sockets and devices in public areas.

Contrary to common belief, public clouds are not highly secure by design, and so require additional protection.

Six severe vulnerabilities in iMessage that allow remote code execution and data stealing with no user interaction? Sounds like a good reason to update to iOS 12.4 as soon as possible.

A newly discovered vulnerability allows hackers to eavesdrop on WhatsApp users, read their chats, and install spyware just by calling them. Update the app now!

Our proactive security technologies uncovered an attempt to exploit another zero-day vulnerability in win32k.sys.

The Microsoft Office threat landscape, and the technologies that help us catch related zero-day exploits, were the focus of this talk at the SAS 2019 conference.

Do you use plugins on your website? Make sure they are updated regularly.

To reduce the attack surface you can block many vulnerable features of software. The question is, how can you do that but not interfere with business-processes?

Attackers display active interest in MSPs, exploiting vulnerabilities to infect their clients with cryptomalware.