Android Q is now Android 10. There are no more dessert-themed names for future Android versions, but that’s not something Android users should really be worrying about. Besides the big announcement about the whole Android rebranding that made splashes …Continue Reading
“A rash of supply chain attacks hitting open source software over the past year shows few signs of abating, following the discovery this week of two separate backdoors slipped into a dozen libraries downloaded by hundreds of thousands of server adminis…Continue Reading
Aug 24, 2019 9:01 am EDT | Medium Severity IBM Db2 Mirror for i configurations may be subject to this security vulnerability. A PTF for IBM i 7.4 and remediation steps are available. CVE(s): CVE-2019-4536 Affected product(s) and affected version(s):IBM…Continue Reading
Quasar Remote Access Trojan uses two methods to achieve persistence such as scheduled tasks and registry keys. Its capabilities include capturing screenshots, recording webcam, reversing proxy, editing registry, spying on the user’s actions, keylogging…Continue Reading
A vulnerability classified as critical was found in Palo Alto PAN-OS up to 8.1.9/9.0.3 (Firewall Software). This vulnerability affects an unknown part of the component
Session Handler . The manipulation with an unknown input leads to a memory corrupti…Continue Reading
The retirement of Python 2 will expose millions of systems which still depend on the outdated programming language, security officials have warned. Patching for Python 2 will cease by the end of the year, leaving developers unable to fix security flaws…Continue Reading
IT Security news and articles about information security, vulnerabilities, exploits, patches, releases, software, features, hacks, laws, spam, viruses, malware, breaches.
Buffer overflow exposes unpatched Squid servers to RCE and DoS attacks.
Some ve…Continue Reading
PowerDNS: denial of service via NOTIFY Packets Synthesis of the vulnerability An attacker can trigger a fatal error via NOTIFY Packets of PowerDNS, in order to trigger a denial of service. Impacted software:
Severity of this computer vulnerability: 2/…Continue Reading
PowerDNS: denial of service via MASTER Zone Records Synthesis of the vulnerability An attacker can trigger a fatal error via MASTER Zone Records of PowerDNS, in order to trigger a denial of service. Impacted products:
Severity of this bulletin: 2/4. C…Continue Reading
What is an Indicator of Attack (IOA) IoA’s is some events that could reveal an active attack before indicators of compromise become visible. Use of IoA’s provides a way to shift from reactive cleanup/recovery to a proactive mode, where attackers are di…Continue Reading