Information Security newsfeeds from around the world in English and French. Find it all in one place… here.
Google Project Zero security team has updated its vulnerability disclosure policy, it gives users 30 days to patch flaws before disclosing associated technical details. The Google Project Zero security team announced an update to its vulnerability disclosure policy, it could include additional 30 days to the disclosure process for some bugs to give end-users enough […]
Continue ReadingMicrosoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. […] Source: leepingcomputer.com
Continue ReadingRecent attacks from Ryuk ransomware operators show that the actors have a new preference when it comes to gaining initial access to the victim network. […] Source: leepingcomputer.com
Continue ReadingPlus: Russian sanctions, Europe’s SolarWinds fallout, and more of this week’s top security news. Source: Wired
Continue ReadingA large BGP routing leak that occurred last night disrupted the connectivity for thousands of major networks and websites around the world. Although the BGP routing leak occurred in Vodafone’s autonomous network (AS55410) based in India, it has impacted U.S. companies, including Google, according to sources. […] Source: leepingcomputer.com
Continue ReadingIt has been a pretty quiet week with only a few large attacks disclosed and only a few new ransomware variants released. The highest-profile attack this week is the NBA’s Houston Rockets who were transparent about their ransomware attack. […] Source: leepingcomputer.com
Continue ReadingBy Habiba Rashid A hacker appears to be selling sensitive data they claim to have stolen from an OTP-generating company. Here’s what we know so far! This is a post from HackRead.com Read the original post: A hacker claims to be selling sensitive data from OTP generating firm Source: hack read com
Continue ReadingCybersecurity provider Juniper Networks addressed a critical vulnerability that could be exploited by attackers to remotely hijack or disrupt vulnerable devices. Cybersecurity vendor Juniper Networks addressed a critical vulnerability in Junos OS, tracked as CVE-2021-0254, that could allow an attacker to remotely hijack or disrupt affected devices. This flaw stems from the improper buffer size […]
Continue ReadingCodecov online platform for hosted code testing reports and statistics announced on Thursday that a threat actor had modified its Bash Uploader script, exposing sensitive information in customers’ continuous integration (CI) environment. […] Source: leepingcomputer.com
Continue ReadingBy Deeba Ahmed These 1-click vulnerabilities in various popular software applications can let an attacker execute arbitrary code on targeted devices. This is a post from HackRead.com Read the original post: 1-click code execution vulnerabilities in popular software apps Source: hack read com
Continue Reading