Critical Bluetooth bug leaves Android users open to attack

Google releases a fix for the security hole that, if left unplugged, could allow attackers to run malicious code with no user interaction. Google has rolled out a security update to address a critical flaw in Android’s Bluetooth implementation that allows remote code execution without user interaction. The vulnerability, tracked as CVE-2020-0022, affects devices running Android … More Critical Bluetooth bug leaves Android users open to attack

New Internet Explorer zero‑day remains unpatched

You may want to implement a workaround or stop using the browser altogether, at least until Microsoft issues a a fix. Microsoft has released a security advisory alerting users to an as-yet unpatched vulnerability in its Internet Explorer (IE) web browser that is being exploited in limited targeted attacks. The zero-day, which is tracked as CVE-2020-0674, is a … More New Internet Explorer zero‑day remains unpatched

Mozilla rushes out patch for Firefox zero‑day

The US cybersecurity agency warns that the critical vulnerability could allow attackers to take control of people’s computers. Mozilla has rolled out a new version of its Firefox web browser to address a critical zero-day vulnerability that has been abused for targeted attacks. Details about the flaw and its exploitation are rather sparse, however. What little is … More Mozilla rushes out patch for Firefox zero‑day

ESET’s 20 cybersecurity tips for 2020

As we’re entering 2020, we’re also plotting out our New Year’s resolutions. Instead of suggesting what you should do next year, however, let’s have a look at some cybersecurity mistakes you should avoid for a more secure 2020. Denying you are a target You’ve probably already brushed off this possibility with contempt, thinking the chances … More ESET’s 20 cybersecurity tips for 2020

Microsoft issues patch for Internet Explorer zero‑day

The critical vulnerability could also be exploited via a malicious Microsoft Office document. Microsoft has shipped out a fix for a critical flaw in Internet Explorer (IE) that is being exploited in the wild. Tracked as CVE-2019-1429, the vulnerability is part of this month’s batch of regular security updates known as Patch Tuesday. The zero-day … More Microsoft issues patch for Internet Explorer zero‑day

First BlueKeep attacks prompt fresh warnings

The infamous vulnerability has been exploited for a cryptocurrency mining campaign, but more damaging attacks may still be in store. Ever since it was discovered six months ago, the BlueKeep vulnerability has had (not only) the cybersecurity community concerned about impending WannaCryptor-style attacks. Earlier in November, Microsoft together with security researchers Kevin Beaumont and Marcus Hutchins shed light on … More First BlueKeep attacks prompt fresh warnings