Login

Register

Login

Register

Tag

‘Bug
The Tor browser has fixed a bug that could have allowed JavaScript to execute on websites even when users think they’ve disabled it for maximum anonymity. The Tor Project revealed the issue in the release notes for version 9.0.6, initially suggesting users manually disable JavaScript for the time being if the issue bothered them. That...
Read More
Slack has fixed a bug that allowed attackers to hijack user accounts by tampering with their HTTP sessions. The flaw could have allowed attackers to pilfer users’ cookies, giving them full account access. They could also have automated those attacks at scale, said the researcher who discovered it, Evan Custodio. The bug uses a sneaky...
Read More
Let’s Encrypt has revealed that over one million of its HTTPS certificates containing a bug in its automatic validation code will not be revoked by the March 5 deadline, despite being non-compliant. The free TLS certificate organization discovered the flaw in late February. It lies in the code which checks for a Certificate Authority Authorization...
Read More
Security researchers are warning of a new plugin vulnerability which is exposing over 200,000 WordPress sites to the risk of being remotely wiped by an attacker. The problem lies with versions 1.3.4 and above and 1.6.1 and below of the ThemeGrill Demo Importer plugin, according to WebARX. The firm said that the bug could allow any unauthenticated...
Read More
Users of Dell SupportAssist should patch their software immediately to fix a software bug that could lead to arbitrary code execution, the PC vendor said this week. SupportAssist is a Dell software product that comes preinstalled on most of its Windows-based endpoints. It performs diagnostic tasks and streamlines the creation of support tickets for Dell...
Read More
The Danish government is under fire after an audit revealed that the personal identity numbers of over a fifth of the country’s population were leaked to US tech providers for five years. The issue was discovered by the Agency for Development and Simplification (Udviklings-og Forenklingsstyrelsen) which maintains the country’s tax office IT systems. It is...
Read More
Ransomware is one of the most feared cybercrime problems of the modern era. The idea of malware that scrambles your files and demands money to get them back is not new – the first widespread attack happened back in 1989 – but the scale of the threat has changed dramatically in the last few years....
Read More
Twitter has been forced to take action after discovering malicious actors taking advantage of an API bug to unmask users on the site by getting hold of their phone numbers. The social network discovered the issue on Christmas Eve last year after detecting a user employing a large network of fake accounts to exploit an...
Read More
Both Microsoft and the US government are warning computer users of a critical remote code execution (RCE) vulnerability in Internet Explorer, which is currently being exploited in the wild. The zero-day bug, CVE-2020-0674, exists in the way the scripting engine handles objects in memory in IE, according to a Microsoft advisory updated over the weekend. Attackers...
Read More
Under-fire foreign currency firm Travelex has claimed its first customer-facing services in the UK have gone live after a crippling ransomware attack in December, with experts suggesting an unpatched VPN bug may have been to blame. The London-headquartered business has been slammed by customers after the suspected Sodinokibi (REvil) ransomware struck on December 31, forcing...
Read More
Citrix has begun issuing patches for a serious vulnerability in its Application Delivery Controller (ADC) product which experts have warned is being exploited in the wild. The tech giant revealed the CVE-2019-19781 bug in ADC and its Citrix Gateway back in December. If successfully exploited, it could allow an unauthenticated attacker to perform arbitrary code execution....
Read More
On Monday this week, the big cybersecurity news was speculative. Was there a big, bad security bug in Microsoft Windows waiting to be announced the next day? On Tuesday, the big news was the announcement that everyone had been guessing about. Yes, there was a big bad bug, and it was in the Windows CryptoAPI....
Read More
Security researchers are warning of a new critical vulnerability affecting multiple cable modem manufacturers that use Broadcom chips — exposing hundreds of millions of users to remote attacks. Discovered by three researchers from security consultancy Lyrebirds and an independent, the so-called “Cable Haunt” bug (CVE-2019-19494) is described as a buffer overflow, “which allows a remote...
Read More
Right at the end of 2019, we wrote about the “decade-ending Y2K bug that wasn’t” in a serious article with a humorous side. In that article, we described a perennial “gotcha” facing Java programmers faced with the simple task of printing out the year. If you tell Java to treat the date as four digits...
Read More
Google has tweaked its Project Zero disclosure policy in a bid to drive more thorough patch development and improved adoption. The new direction for 2020 centers around one major change: from January 1 this year the firm will implement a full 90-day disclosure policy regardless of when a vulnerability is fixed by a vendor. In...
Read More

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW