Tag Archive for: Severe

Severe vulnerability in Cisco’s WebEx extension for Chrome leaves PCs open to easy attack

/in

Anyone who uses the popular Cisco WebEx extension for Chrome should update to the latest version pronto. Google security researcher Tavis Ormandy recently discovered a serious vulnerability in the Chrome extension that leaves PCs wide open to attack.

In older versions of the extension (before version 1.0.3) malicious actors could add a “magic string” to a web address or file hosted on a website. The magic string was designed to remotely activate the WebEx browser extension. Once the extension was activated the bad guys could execute malicious code on the target machine. 

To read this article in full or to leave a comment, please click here

Network World Security

Wandera has uncovered severe mobile data exposures that affect a high proportion of enterprises. Try it now for free.

/in
Wandera has uncovered a number of severe mobile data exposures that affect a high proportion of enterprises. Try it now for free.

Graham Cluley Security News is sponsored this week by the folks at Wandera. Thanks to the great team there for their support!

Wandera’s 2017 Mobile Leak Report found more than 200 mobile websites and apps leaking personally identifiable information across a range of categories – including those that are essential for work. Your employees might have been exposed to credit card theft, identity theft, or even the re-use of login credentials to access a corporate network.

Read the 2017 Mobile Leak Report to see which types of apps present the highest risk to your sensitive corporate data.

Mobile is indisputably the new frontier for cyber threats, as adoption of corporate mobility continues to grow, so too does the number of attacks. Businesses have become increasingly exposed to new threats, vulnerabilities and data leaks.

Wandera provides enterprise-grade threat defense against these mobile security risks, keeping devices secure across all four levels of protection as identified by Gartner. Try Wandera for free to assess and understand what is happening with your mobile data.

Wandera works with some of the biggest and best-loved brands in the world. Find out how your business could also benefit by having devices protected and managed at the data-level.

If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

Graham Cluley

OpenSSL patches a severe but not widespread problem

/in

The OpenSSL project has patched a problem in the cryptographic library but one that likely does not affect many popular applications.

OpenSSL enables SSL (Secure Sockets Layer) or TLS (Transport Layer Security) encryption. Most websites use it, which is indicated in Web browsers with a padlock symbol.

It’s an open-source library that is widely used in applications for secure data transfers. After serious vulnerabilities were found in OpenSSL over the last couple of years, the application has been under much scrutiny by security researchers.

The latest vulnerability affects versions 1.0.1 and 1.0.2. The updated versions are 1.0.2f and 1.0.1r.

To read this article in full or to leave a comment, please click here

Network World Security

Android Security Hole of the Week: Researchers ID New, Severe DoS Attack – CIO (blog)

/in

TechWeekEurope UK

Android Security Hole of the Week: Researchers ID New, Severe DoS Attack
CIO (blog)
This week's Android security hole of note is a newly discovered flaw in all versions of Google's Android OS for that could let Bad Guys execute Denial of Service (DoS) attacks and disable users' smartphones and tablets in two minutes or less.
Researchers Discover Android Denial Of Service ExploitTechWeekEurope UK

all 4 news articles »

“android security” – read more