NIST issues Security-Focused Configuration Management Guidelines
The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128).
CStealer: a new Windows trojan password stealer
A new Windows trojan dubbed CStealer attempts to steal passwords from Chrome browser. The malware also uses a remote MongoDB server to store the stolen passwords.
Kaspersky finds dozens of VNC remote access vulnerabilities
Security experts from Kaspersky have discovered 37 vulnerabilities in four VNC implementations, some that have gone undetected since 1999.
Apache Solr Remote Code Execution vulnerability exploit code published
A security researcher has published proof of concept (PoC) for exploit code of an Apache Solr remote code execution vulnerability CVE-2019-12409.
T-Mobile data breach impacts prepaid service customers
T-Mobile disclosed a data breach that impacts a small number of customers of its prepaid service.
BIND security update
The Internet Systems Consortium (ISC) has released a security update that fixes a vulnerability in multiple versions of ISC Berkeley Internet Name Domain (BIND).
Chrome browser and OS security updates
Google has released a new security update for Chrome browser 78.0.3904.108 for Windows, Mac and Linux, as well as a Chrome OS update.
GitHub launches ‘Security Lab’ to help secure open source software
GitHub, one of the world’s leading software development platforms, has launched GitHub Security Lab with aim to secure open source software.
Thousands of stolen Disney+ accounts for sale in hacking forums
Thousands of Disney+ account owners have reported their accounts have been hacked hours after the Disney+ video streaming service was launched.
APT33 uses a dozen botnets in targeted malware campaign
Security researchers from Trend Micro have spotted a dozen obfuscated botnets being used in a highly targeted malware campaign.
- 1
- 2