Two high-severity flaws in Dell’s client support tool, SupportAssist Client, could enable remote code-execution (RCE) and cross-site request forgery (CSRF) attacks. SupportAssist helps users remove Read More
Cloud storage misconfigurations continue to plague the data-privacy space, as evidenced by the new discovery of employment and health information for millions exposed on the Read More
The Retefe banking trojan resurfaced in April after going dormant for months, with a makeover that includes a move away from Tor to secure its Read More
A slew of strange security news stories made headlines this week, from scams to hacks. The Threatpost team breaks down the top stories that made Read More
Security researchers are reacting to a cybersecurity workforce executive order from the White House that came down yesterday, aimed at improving the level of cyber-expertise Read More
Multiple wireless presentation systems have critical vulnerabilities – including a remote command-injection glitch and an unauthenticated remote stack buffer overflow flaw. Wireless presentation systems allow Read More
D-Link has only partially patched critical flaws affecting its consumer WiFi camera, which allow hackers to intercept and view recorded video. They also allow attackers Read More
The open-source advertising platform Revive Adserver is urging customers to patch two vulnerabilities, one of which is critical and may have been exploited to allow Read More
New details are emerging in the April attack on systems consulting behemoth Wipro, which saw its network hacked and used for mounting attacks on a Read More
A variant of the Muhstik botnet has been uncovered in the wild, exploiting a recently-disclosed, dangerous vulnerability in Oracle WebLogic servers. The newfound samples of Read More