Security News

• No recent updates.

• AMD Radeon Graphics Cards Open VMware Workstations to Attack
  Bug impacts VMware Workstation 15 running 64-bit versions of Windows 10 as the guest VM.
  
• Cisco Extends Patch for IPv6 DoS Vulnerability
  The bug was first found in 2016.
  
• Google Calendar Settings Gaffes Exposes Users’ Meetings, Company Details
  A configuration setting in Google Calendars does not sufficiently warn users that it makes their calendars public to all, a researcher argues.
  
• LastPass Fixes Bug That Leaks Credentials
  The company has patched a vulnerability that could allow malicious sites unauthorized access to usernames and passwords.
  
• Marketing Analytics Company Leaks Deep Profiles of Entire Ecuador Population
  Julian Assange is among those impacted.
  
• Asus, Lenovo and Other Routers Riddled with Remotely Exploitable Bugs
  Independent researchers found 125 different CVEs across 13 different router and NAS models.
  
• U.S. Sanctions North Korean Group Behind WannaCry, Sony Hacks
  Three North Korean threat groups have been sanctioned in the U.S. as part of a larger U.S. initiative against North Korea-linked malicious cyber activity.
  
• New Threat Actor Fraudulently Buys Digital Certificates to Spread Malware
  ReversingLabs identified cybercriminals duping certificate authorities by impersonating legitimate entities and then selling the certificates on the black market.
  
• WordPress XSS Bug Allows Drive-By Code Execution
  Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover.
  
• iPhone iOS 13 Lockscreen Bypass Flaw Exposes Contacts
  Apple will not fix the glitch until the release of iOS 13.1 later in September.