Thunderspy attacks: What they are, who’s at greatest risk and how to stay safe
All you need to know about preventing adversaries from exploiting the recently disclosed vulnerabilities in the Thunderbolt interface
Uncategorized
Microsoft patches critical, wormable flaw in Windows DNS Server
The company urges organizations to waste no time in installing updates to fix the vulnerability that rates a ‘perfect’ 10 on the severity scale
Zoom patches zero‑day flaw in Windows client
The vulnerability exposed Zoom users running Windows 7 or earlier OS versions to remote attacks
Popular home routers plagued by critical security flaws
A study paints a dim picture of router security, as none of the 127 devices tested was free of severe vulnerabilities
Attackers target critical flaw in popular networking gear
The vulnerability, which received the highest possible severity score, leaves thousands of devices at risk of being taken over by remote attackers. A patch is available.
Microsoft releases emergency update to fix two serious Windows flaws
The out-of-band update plugs two remote code execution bugs in the Windows Codecs library, including one rated as critical
What is a password manager and why is it useful?
A password manager can make your digital life both simpler and more secure. Are there any downsides to relying on software to create and store your passwords?
Ripple20 bugs expose hundreds of millions of devices to attacks
Devices used in the energy, transportation and communications sectors are also affected by the flaws in the TCP/IP software library
Microsoft ships hefty patch load this month
The latest Patch Tuesday knocks out a record-high number of vulnerabilities, including new bugs in the SMB protocol
Apple hopes to bolster password security with open source project
The tech giant wants developers of password managers to collaborate for better user experience and security
Mozilla fixes five high‑risk Firefox flaws, bug in DoH feature
The browser maker rolls out updates on back-to-back days, including a patch to avoid unintentionally overloading DNS providers
Bug in ‘Sign in with Apple’ could have allowed account hijacking
The tech giant rewards the bug bounty hunter who found the severe flaw in its login mechanism with US$100,000
People know reusing passwords is risky – then do it anyway
And most people don’t change their password even after hearing about a breach, a survey finds
Critical Android flaw lets attackers hijack almost any app, steal data
Left unpatched, the vulnerability could expose almost all Android users to the risk of having their personal data intercepted by attackers
Bluetooth flaw exposes countless devices to BIAS attacks
As many as 30 different smartphones, laptops and other devices were tested – and all were found to be vulnerable
European supercomputers hacked to mine cryptocurrency
Several high-performance computers working on COVID-19 research have been forced offline following a string of attacks
Microsoft fixes vulnerability affecting all Windows versions since 1996
Another vulnerability in the same Windows component was abused by Stuxnet a decade ago
Thunderbolt flaws open millions of PCs to physical hacking
A new attack method enables bad actors to access data on a locked computer via an evil maid attack within 5 minutes
5 common password mistakes you should avoid
Password recycling and using easy-to-guess passwords are just two common mistakes you may be making when protecting your digital accounts
Almost a million WordPress websites targeted in massive campaign
An unknown threat actor is exploiting vulnerabilities in plugins for which patches have been available for months, or even years