Researchers have found six serious bugs in Qualcomm’s Snapdragon mobile chipset.  The six bugs impact up to 40 percent of Android phones in use.  The flaws open up handsets made by Google, Samsung, LG, Xiaomi, and OnePlus to DoS and escalation-…

Researchers from Micro Focus Fortify have discovered more than 30 vulnerabilities in Microsoft SharePoint, Atlassian Confluence, and 18 other popular Content Management Systems (CMSs). CMSs enable the creation and modification of digital content for web…

Researchers at Barracuda Networks have discovered that cybercriminals are increasingly registering accounts with legitimate services, such as Gmail and AOL, to use them in impersonation and BEC attacks.  Barracuda researchers observed that 6,170…

The car security research team from Qihoo 360, called the Sky-Go Team, discovered over a dozen vulnerabilities in a Mercedes-Benz E-Class car by reverse-engineering the car's components using a  testbench they built. According to the researchers,…

Researchers have discovered a new vulnerability they are calling KrØØk (formally CVE-2019-15126).  KrØØk is a vulnerability in Broadcom and Cypress Wi-Fi chips that allows unauthorized decryption of some WPA2-encrypted traffic. Specifically, the bug…

A researcher at Oxford University demonstrated the potential exploitation of vulnerabilities in satellite broadband communications to intercept unencrypted web traffic through the use of an inexpensive satellite dish and a digital broadcasting satellite…

New research by threat analysts at Venafi reveals that the number of commodity malware campaigns exploiting machine identities doubled between 2018 and 2019. Applications and devices use machine identities that are made from cryptographic keys and…

Although smart home technologies are marketed to increase the convenience of our daily lives, many consumers still do not trust the privacy and security of these technologies. Researchers from WMG and Computer Science, University of Warwick, conducted a…

Security researchers at DBAPPSecurity have discovered an authentication bypass vulnerability, dubbed “BlueRepli.”  An adversary can bypass authentication by imitating a device that has previously been connected with a target. Victims do not need to…

Security researchers have discovered a high-risk vulnerability (CVE-2020-13699) in TeamViewer for Windows. If the vulnerability is exploited, remote attackers could crack the users’ password, which could lead to further system exploitation.  CVE-…

A team of researchers from the Internet of Things (IoT) security company Armis discovered a technique, dubbed EtherOops, that could be used to attack devices placed inside closed enterprise networks. According to the researchers, the method can only be…

A new report from Accurics, titled "The State of DevSecOps," reveals that the misconfiguration of storage services in over 90 percent of cloud deployments have led to more than 200 breaches in the past two years. These breaches have exposed more than 30…