Threat Post
The First Stop For Security News
-
Citrix Warns of Critical Flaws in XenMobile Server
Citrix said that it anticipates malicious actors "will move quickly to exploit" two critical flaws in its mobile device management software. -
TikTok Surreptitiously Collected Android User Data Using Google-Prohibited Tactic
App concealed the practice of gathering device unique identifiers using an added layer of encryption. -
Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal
The RAT is surging in 2020, becoming more prevalent than even the infamous TrickBot or Emotet malware. -
Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft
One of the two zero-day bugs is rated ‘critical’ and is classified as a remote code-execution bug impacting Microsoft’s Internet Explorer. -
Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules
A critical privilege-escalation flaw affects several popular Intel motherboards, server systems and compute modules. -
Critical Adobe Acrobat and Reader Bugs Allow RCE
Adobe patched critical and important-severity flaws tied to 26 CVEs in Acrobat and Reader. -
Cybersecurity Skills Gap Worsens, Fueled by Lack of Career Development
The fundamental causes for the skill gap are myriad, starting with a lack of training and career-development opportunities. -
Samsung Quietly Fixes Critical Galaxy Flaws Allowing Spying, Data Wiping
Four critical-severity flaws were recently disclosed in the Find My Mobile feature of Samsung Galaxy smartphones, which if exploited could allow attackers to force a factory reset on the phones or spy on users. -
Researcher Publishes Patch Bypass for vBulletin 0-Day
Three separate proof-of-concepts on Bash, Python and Ruby posted to outsmart fix issued last year to remedy pre-auth RCE bug. -
Google Fixes Mysterious Audio Recording Blip in Smart Speakers
Google Home devices reportedly recorded noises even without the "Hey Google" prompt due to the inadvertent rollout of a home security system feature.
