Supermicro servers affected by various vulnerabilities
Eclypsium security researchers have found a new set of vulnerabilities in the management control firmware used on some Supermicro motherboards. As a result, more than 47,000 of the manufacturer's servers are vulnerable to attacks.
The vulnerabilities have been named USBAnywhere by the researchers. T... Read more
Serious vulnerabilities found in 40 drivers with Microsoft certification
Eclypsium security researchers have found serious vulnerabilities in more than 40 drivers of 20 hardware vendors. The researchers presented their work at the Def Conference in Las Vegas.
According to the researchers, the vulnerabilities can easily be exploited by hackers to use malware, writes Sili... Read more
WhatsApp vulnerabilities let hackers take over calls
WhatsApp appears to contain a series of vulnerabilities with which hackers can take over conversations. The vulnerabilities and three methods to abuse them were revealed this week by Check Point researchers Dikla Barda, Roman Zaikin and Oded Vanunu.
According to the researchers, the errors can enabl... Read more
QualPwn vulnerabilities in Qualcomm chipsets affect Android phones
In this month's Security Bulletin, Android has rolled out security updates that solve two dangerous vulnerabilities. The vulnerabilities are contained in Qualcomm chips and affect every device that is equipped with these chipsets.
The two vulnerabilities are called QualPwn together, writes ZDNet.... Read more
800,000 systems still vulnerable to Bluekeep
Over 800,000 systems are still vulnerable to Bluekeep, states security company BitSight Technologies. This is a vulnerability found in older versions of Microsoft's Remote Desktop Protocol (RDP).
The Bluekeep vulnerability, also known as CVE-2019-0708, was discovered in May at the May 2019 Patch Tue... Read more
Serious vulnerability in Kubernetes patched
The Kubernetes project fixed a dangerous security flaw with a patch. The error could allow hacks where attackers run code on the host machine. The error has no impact on the Kubernetes system itself, but on kubectl (Kube Control). This is the official command-line facility for working with Kubernete... Read more
Cisco warns of two critical errors in data center equipment
Cisco has disclosed two critical vulnerabilities affecting core data center equipment. The vulnerabilities allow attackers to break into networks. Both errors were found during internal tests and a patch was released for them.
The first error is in the Digital Network Architecture (DNA) Center appl... Read more
Adobe solves critical errors in Flash, ColdFusion and Campaign with update
Adobe has made its monthly patch update available. The June update solves a handful of vulnerabilities in Flash, ColdFusion and Campaign Classic. These are problems that can lead to arbitrary code execution in the company's software.
Adobe Flash had only a single vulnerability that is now being res... Read more
Google’s “Extremely Secure” Titan Security Key contains security flaw
Google's Titan Security Key has been found to contain a security error. The security keys have an incorrectly configured protocol for pairing with Bluetooth. This allows attackers to bypass encryption and take over user accounts.
Google revealed the error itself, writes Cloud Pro. If users try to lo... Read more
Researchers find vulnerabilities in Intel processors from 2011 and newer
Security researchers have found new vulnerabilities in Intel chips. The errors affect the vast majority of the processors that the company has released since 2011. Microsoft, Apple and other tech companies are now rolling out security updates to neutralize the four errors found.
The exception is a ... Read more