Security Vulnerabilities - /contrib/security_vulnerabilities

Whether you are running Windows, macOS or a Linux distro, if you're a Chrome user there is an extremely important update to install right now. Google has released Chrome 105.0.5195.102 for all three platforms to address the vulnerability which is trac

Homeland Security issued a rare warning about a Windows Server vulnerability that would give attackers complete control of every computer on a network. The CISA warning said at the time that it ass...

Security researchers have discovered another major Intel processor security vulnerability. It could allow attackers to install keyloggers at the hardware level, or defeat encryption and DRM protections.

Plus, WeLeakInfo? Not anymore! Roundup Welcome to another Reg roundup of security news....

Two years after first being disclosed, web cache deception attacks impact 25 of today's most popular websites.

Click the Start button, scroll down on the Start Menu, then select Windows Administrative Tools to expand it. Select Hyper-V Quick Create. In the following Create Virtual Machine window, select one of the four listed installers, then select Create Virtual Machine.Select New, then select the virtual

A critical Firefox zero-day remote code execution vulnerability is being abused in targeted attacks in the wild, Mozilla has warned on Tuesday. About the vulnerability (CVE-2019-11707) Mozilla did not share many details about the flaw it simply stated tha

Samsung may have an antennagate issue of its own with the Galaxy Tab S5e. The device loses substantial signal strength when held in certain orientations. The post Samsung's Latest Galaxy Tab S5e Has an Enormous Wi-Fi Flaw appeared first on ExtremeTech

A security researcher has gone rogue by publicly posting information on zero-day vulnerabilities in WordPress plugins.

Owners of a slew of D-Link, ARGtek, DSLink, Secutech, TOTOLINK and Cisco consumer routers are urged to update their device's firmware, lest they fall prey to ongoing DNS hijacking campaigns and device hijacking attacks. Targeted Cisco routers The Cisc

The Oregon Department of Human Services (DHS) announced that roughly 2 million emails with Protected Health Information from more than 350,000 customers have been potentially exposed after 9 employee mailboxes were compromised in a spear phishing attack.

Hackers using cross-site scripting (XSS) flaw in abandoned cart plugin to take over vulnerable sites.

"My personal opinion is that when it comes to the memory subsystem, it's very hard to make any changes and it's not something you can patch easily with microcode without losing tremendous performance. So I don't think we will see a patch for this type of attack in the next five years and that could

WinRAR issues a new patch after a security vulnerability was found in its data compression tool. According to researchers from Check Point Software Technologies, the flaw is 19 years old and puts 500 million users at risk.

Secure enclaves are supposed to be just what the name implies, the most secure parts of a chip — the region that a computer's operating system isn't supposed to be able to intera...

You'll want to install the March update. Like right now if you can avoid broken networking Microsoft's January and February security fixes for Intel's Meltdown processor vulnerability opened up an even worse security hole on Windows 7 PCs and

A new study of 165 IT and security professionals at medium-sized companies across the US reveals that 53 percent believe their organization was breached one or more times in 2017. The report from security-as-a-service company Cygilant shows a lack of conf

Single sign on (SSO) is popular with businesses as it allows control of access to multiple resources without the need for lots of different credentials. But researchers at Duo Security have uncovered a vulnerability that can allow attackers to trick syste

Two of the worst vulnerabilities in years are slowly being fixedbut at a cost to consumers and companies alike.