High severity OpenCV buffer overflow vulnerabilities
Cisco's Talos security group has released details on two High severity buffer overflow vulnerabilities that affect OpenCV libraries.
DHS reissues National Terrorism Advisory System (NTAS) Bulletin
The Department of Homeland Security (DHS) has reissued a National Terrorism Advisory System (NTAS) bulletin after a lethal U.S. strike killed Iranian IRGC-Quds Force commander Qassem Soleimani on January 2, 2020 while Soleimani was in Iraq.
OWASP API Security Top 10 2019
The Open Web Application Security Project (OWASP) has released its OWASP API Security Top 10 2019. This is the first version of the API Top 10. OWASP will likely update every three to fours years, similar to the other OWASP Top 10 series.
Cisco patches 3 critical vulnerabilities in Data Center Network Manager software
Cisco has patched three critical vulnerabilities in its Data Center Network Manager (DCNM) software that could allow an attacker to bypass authentication. In addition, six High and two Medium severity DCNM software bugs were also addressed.
The top 20 vulnerabilities to patch now (that are most under attack)
Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization's patch management efforts.
Spike in ASA vulnerability exploits
Cisco security experts have noticed a sudden spike in vulnerability exploits against Cisco Adaptive Security Appliance (ASA) and Firepower Appliance.
Twitter fixes vulnerability in Twitter for Android app
Twitter has fixed a vulnerability in Twitter for Android that could allow a hacker to view private account information or take control of your account.
Microsoft issues out-of-band security update for SharePoint Server vulnerability (CVE-2019-1491)
Microsoft issued an out-of-bound security update for a SharePoint Server vulnerability CVE-2019-1491.
Google releases Chrome security update (79.0.3945.88)
Google has released Chrome 79.0.3945.88 for Windows, Mac and Linux. The update includes one security fix. The company also added a Chrome browser update for Android.
Attackers abuse ConnectWise Control software to deliver Zeppelin ransomware
Remote attackers have abused ConnectWise Control software to deliver ransomware to its victims. The latest attacks against a real estate company used ransomware dubbed "Zeppelin", a variant of the VegaLocker ransomware family.