Doki Backdoor Infiltrates Docker Servers in the Cloud
The malware is a new payload that uses Dogecoin wallets for its C2, and spreads via the Ngrok botnet.
Critical, High-Severity Cisco Flaws Fixed in Data Center Network Manager
The flaw could allow a remote, unauthenticated attacker to bypass authentication on vulnerable devices.
Vermont Taxpayers Warned of Data Leak Over the Past Three Years
A vulnerability in the state’s system may have exposed personal data that can be used for credential theft for those who filed Property Transfer Tax returns online.
More Robust Network Partition Handling in Group Replication
As Group Replication (GR) matures and it is deployed in a myriad of different systems, we begin to witness specific network conditions that we must be able to cope with in order to make Group Replication more tolerant and robust to those failures.…
Critical Magento Flaws Allow Code Execution
Adobe has released patches for critical and important-severity flaws in its popular Magento e-commerce platform.
Billions of Devices Impacted by Secure Boot Bypass
The “BootHole” bug could allow cyberattackers to load malware, steal information and move laterally into corporate, OT ,IoT and home networks.
Critical Bugs in Utilities VPNs Could Cause Physical Damage
Gear from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws, researchers warn.
Critical Security Flaw in WordPress Plugin Allows RCE
WordPress plugin Comments – wpDiscuz, which is installed on over 70,000 sites, has issued a patch.
Facial-Recognition Flop: Face Masks Thwart Virus, Stump Security Systems
Algorithms clocked error rates of between 5% to 50% when comparing photos of people wearing digitally created masks with unmasked faces.
OkCupid Security Flaw Threatens Intimate Dater Details
Attackers could exploit various flaws in OkCupid’s mobile app and webpage to steal victims’ sensitive data and even send messages out from their profiles.