Bug Bounty FAQ: Top Questions, Expert Answers
Posted on Saturday September 26, 2020

Four leading voices in the bug bounty community answer frequently asked questions from bounty hunters, companies and curious cybersecurity professionals.

FortiGate VPN Default Config Allows MitM Attacks
Posted on Friday September 25, 2020

The client's default configuration for SSL-VPN has a certificate issue, researchers said.

Cisco Patch-Palooza Tackles 29 High-Severity Bugs
Posted on Thursday September 24, 2020

Patches and workaround fixes address flaws on networking hardware running Cisco IOS XE software.

Zerologon Patches Roll Out Beyond Microsoft
Posted on Wednesday September 23, 2020

A Samba patch and a micropatch for end-of-life servers have debuted in the face of the critical vulnerability.

OldGremlin Ransomware Group Bedevils Russian Orgs
Posted on Wednesday September 23, 2020

The cybercriminal group has plagued firms with ransomware, sent via spear phishing emails with COVID-19 lures, since March.

Google Chrome Bugs Open Browsers to Attack
Posted on Tuesday September 22, 2020

Google's new release of Chrome 85.0.4183.121 for Windows, Mac, and Linux fixes 10 security flaws.

Known Citrix Workspace Bug Open to New Attack Vector
Posted on Tuesday September 22, 2020

Windows MSI files provide an opening for attackers even though the bug was mostly patched in July.

Microsoft Overhauls Patch Tuesday Security Update Guide
Posted on Tuesday September 22, 2020

Microsoft announced a new Security Guide to help cybersecurity professionals more quickly untangle relevant bugs in its monthly security bulletins.

Firefox 81 Release Kills High-Severity Code-Execution Bugs
Posted on Tuesday September 22, 2020

Mozilla has fixed three high-severity flaws with the release of Firefox 81 and Firefox ESR 78.3.

DHS Issues Dire Patch Warning for ‘Zerologon’
Posted on Monday September 21, 2020

The deadline looms for U.S. Cybersecurity and Infrastructure Security Agency’s emergency directive for federal agencies to patch against the so-called ‘Zerologon’ vulnerability.