Mike Mimoso and Chris Brook recap the news of the week, including a Microsoft SMB zero day, the latest Netgear router vulnerability, and a new HTTPS milestone.
Tag Archives: Vulnerabilities
Microsoft Waits for Patch Tuesday to Fix SMB Zero Day
Microsoft said a Windows SMB zero day, which has a public proof-of-concept exploit available, is low risk and won’t be patched until an upcoming Patch Tuesday.
WordPress Silently Fixed Privilege Escalation Vulnerability in 4.72 Update
WordPress silently fixed a serious content injection vulnerability when it pushed out its latest security release, 4.7.2, last week
Latest Ubuntu Update Includes OpenSSL Fixes
Ubuntu users are encouraged to update their operating systems to the latest OpenSSL package versions to address a collection of vulnerabilities.
Flaws Found in Popular Printer Models
Researchers have found a half-dozen flaws in popular printer models that allow attackers to do everything from steal print jobs to conduct buffer overflow attacks.
Cisco Warns of Critical Flaw in Teleconferencing Gear
Cisco Systems is warning customers of a critical vulnerability affecting three of its TelePresence MCU platform models.
WordPress 4.7.2 Update Fixes XSS, SQL Injection Bugs
WordPress fixed three security issues, including a XSS and SQL injection, with WordPress 4.7.2 this week.
Dridex Returns With Windows UAC Bypass Method
Dridex banking malware returns with a new bypass technique that allows the malware to execute without triggering a Windows UAC alert to the user.
Threatpost News Wrap, January 27, 2017
The Star Wars Twitter botnet, the return of Lavabit, a critical Cisco Webex flaw, and the St. Louis Library ransomware story are discussed.
Uber.com Backup Bug Nets Researcher $9K
A researcher earned $9K for identifying a XXE vulnerability in third party backup software used by Uber.