Microsoft warns of new BlueKeep‑like flaws

Unlike BlueKeep, however, these vulnerabilities affect more recent Windows versions, including Windows 10. Microsoft issued fixes for four critical vulnerabilities in Remote Desktop Services (RDS) this week, likening two of them to ‘BlueKeep’, another critical flaw in the same Windows component. All four Remote Code Execution (RCE) flaws – tracked as CVE‑2019‑1181, CVE‑2019‑1182, CVE‑2019‑1222 and CVE‑2019‑1226 – can be exploited by … More Microsoft warns of new BlueKeep‑like flaws

VLC player has a critical flaw – and there’s no patch yet

On the flip side, there are currently no known cases of the vulnerability being exploited in the wild. Germany’s national Computer Emergency Response Team (CERT-Bund) has issued a security advisory to alert users of VLC media player of a severe vulnerability affecting this extremely popular open-source software. “A remote, anonymous attacker can exploit the vulnerability in VLC … More VLC player has a critical flaw – and there’s no patch yet

Flaws in smart car alarms exposed 3 million cars to hijack

The vulnerabilities, which resided in associated smartphone apps, were both easy to find and easy to fix. Two smart alarm systems for cars have plugged critical security holes that put three million vehicles globally at risk of being hijacked, research by Pen Test Partners reveals. If exploited, the vulnerabilities would have enabled anyone to turn the alarm … More Flaws in smart car alarms exposed 3 million cars to hijack

Attackers exploit flaw in GDPR-themed WordPress plugin to hijack websites

The campaign’s goals aren’t immediately clear, as the malefactors don’t appear to be leveraging the hijacked websites for further nefarious purposes. Attackers have been exploiting a security weakness in a GDPR compliance plugin for WordPress to seize control of vulnerable websites, according to a blog post by Defiant, which makes Wordfence security plugins for the web … More Attackers exploit flaw in GDPR-themed WordPress plugin to hijack websites

Most routers full of firmware flaws that leave users at risk

If you own a Wi-Fi router, it may well be riddled with security holes that expose you to a host of threats. Five out of every six (83%) Wi-Fi routers in US homes and offices leave their users at risk of cyberattacks, because their firmware is inadequately updated for security vulnerabilities, research by The American Consumer … More Most routers full of firmware flaws that leave users at risk