Microsoft releases emergency update to fix two serious Windows flaws

The out-of-band update plugs two remote code execution bugs in the Windows Codecs library, including one rated as critical. Microsoft on Tuesday released emergency security patches to plug a pair of serious vulnerabilities in its Windows Codecs library that impact several Windows 10 and Windows Server versions. Indexed as CVE-2020-1425 and CVE-2020-1457, the two remote-code execution (RCE) flaws … More Microsoft releases emergency update to fix two serious Windows flaws

Critical Android flaw lets attackers hijack almost any app, steal data

Left unpatched, the vulnerability could expose almost all Android users to the risk of having their personal data intercepted by attackers. Researchers have found a critical flaw that affects nearly all devices running Android 9.0 or older, which implies that over 90% of Android users could be vulnerable. If exploited, the security hole allows hackers to hijack … More Critical Android flaw lets attackers hijack almost any app, steal data

Advances in ESET ransomware protection

There are a multitude of cybersecurity issues that enterprises must negotiate in the current digital landscape, including ransomware. Ransomware is a form of malicious code that blocks or encrypts the contents of a device and demands a ransom to restore access to the data. The devices in question include mobile phones and PCs but also extend to … More Advances in ESET ransomware protection

KrØØk: Serious vulnerability affected encryption of billion+ Wi‑Fi devices

ESET researchers uncover a previously unknown security flaw allowing an adversary to decrypt some wireless network packets transmitted by vulnerable devices. ESET Research has published its latest white paper, KrØØk – CVE-2019-15126: Serious vulnerability deep inside your Wi-Fi encryption. This blogpost summarizes that white paper, authored by researchers Miloš Čermák, Robert Lipovský and Štefan Svorenčík. For updated … More KrØØk: Serious vulnerability affected encryption of billion+ Wi‑Fi devices

Critical Bluetooth bug leaves Android users open to attack

Google releases a fix for the security hole that, if left unplugged, could allow attackers to run malicious code with no user interaction. Google has rolled out a security update to address a critical flaw in Android’s Bluetooth implementation that allows remote code execution without user interaction. The vulnerability, tracked as CVE-2020-0022, affects devices running Android … More Critical Bluetooth bug leaves Android users open to attack