Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization's patch management efforts.
Cisco security experts have noticed a sudden spike in vulnerability exploits against Cisco Adaptive Security Appliance (ASA) and Firepower Appliance.
Twitter has fixed a vulnerability in Twitter for Android that could allow a hacker to view private account information or take control of your account.
Microsoft issued an out-of-bound security update for a SharePoint Server vulnerability CVE-2019-1491.
Google has released Chrome 79.0.3945.88 for Windows, Mac and Linux. The update includes one security fix. The company also added a Chrome browser update for Android.
Remote attackers have abused ConnectWise Control software to deliver ransomware to its victims. The latest attacks against a real estate company used ransomware dubbed "Zeppelin", a variant of the VegaLocker ransomware family.
TP-Link has patched a vulnerability in multiple Archer router models that could allow attackers to login without passwords.
WordPress has released version 5.3.1 security update that fixes multiple bugs. All WordPress versions 5.3 and earlier are affected.
A multi-stage downloader trojan dubbed sLoad uses BITS to steal data from compromised systems. Attackers use sLoad to evade anti-malware protections and security monitoring that may not detect activity using these unconventional protocols.
Microsoft has revealed new cyber threat activity by a group dubbed GALLIUM that targets global telecommunication providers and unpatched web servers.