VULNERABILITY MANAGEMENT

A $25 Raspberry Pi or similar tiny PCs could be used to hack SAP POS systems due to a critical vulnerability. SAP POS is client-server technology that belongs to the SAP for Retail line-up, it is widely adopted, it has

Two implementations of the Kerberos authentication protocol received patches this week against a vulnerability dubbed “Orpheus’ Lyre” that allowed a threat actor to bypass authentication procedures. Researchers tracked down the flaw to Kerberos versions released in 1996. The bug affects

Computer security biz Preempt warned last October that Microsoft NT LAN Manager (NTLM) should be avoided. On Tuesday, it plans to support its assessment by going public with details of two vulnerabilities. NTLM is an old authentication protocol. Though it

Dell customers might be exposed to cyber-attacks as the pre-installed software includes vulnerabilities that could allow hackers to disable security solutions and to escalate privileges. Marcin ‘Icewall’ Noga of Cisco Talos has discovered 3 different vulnerabilities affecting select Dell systems, urging customers

Security experts at Sucuri have discovered a SQL Injection vulnerability in WP Statistics, one of the most popular WordPress plugins, that is currently being used in over 300,000 websites. The plugin enables site administrators to get detailed information related to

Microsoft is warning sysadmins to check their Azure Active Directory Connect configurations and implement a patch against a credential-handling vulnerability. Microsoft Azure AD (Active Directory) is often used by enterprises to provide employees and business partners single sign-on access to

Mozilla Firefox, one of the most popular web browser used across the globe has recently released a patch to fix 32 vulnerabilities in Firefox 54, the latest flagship of the browser. One of the bugs that were fixed was a

Researchers at Cisco Talos have reported finding a high severity code execution vulnerability in the LabVIEW system design software from National Instruments. According to Talos, LabVIEW 2016 version 16.0 is affected by a heap-based buffer overflow vulnerability which can be