British security officials have again raised concerns about Huawei equipment and said only ‘limited assurance’ could be given to long-term use of the kit
News vulnerabilities
Apple Email Flaw Exposed iPhones To Hacking
A flaw in Apple’s Mail app found on iPhones and iPad, has left devices susceptible to sophisticated attacks for years, ZecOps warns
Coronavirus: Zoom Promises Fixes For Security Issues
Widely used video-conferencing app Zoom apologies for security flaws, and promises to improve both safety and privacy going forward
Apple Fixed Tracking Flaws In Safari, But Google Director Disagrees
Google identified multiple privacy flaws in Apple’s Safari browser, which the iPad maker said it has fixed, but a Google director says it hasn’t
Google Project Zero Changes Controversial Disclosure Policy
Google security researchers are to change their rapid disclosure of security flaws – a policy that has angered many tech firms over the years
WhatsApp Bug Can Wipe Out Group Chats, Warns Check Point
Devastating bug found by Check Point that can permanently destroy group chats within WhatsApp with just one text
Patch Tuesday Fixes Zero-Day Flaw, As Windows 7 Cut Off Looms
Only one more Patch Tuesday update for Windows 7 users in January 2020, as Microsoft delivers its final security update of 2019
Intelligence Agencies Warn Of Flaw With VPN Products
Both the US NSA and UK NCSC warn hackers are actively exploiting vulnerabilities in VPN products
Microsoft Patch Tuesday Fixes 59 Flaws
Nine critical flaws patched, and the good news is there no-zero-day flaws requiring system admin attention
Cisco Patches Critical Flaw That Allowed Root Access To Guest OS
Critical flaw in Cisco IOS software could allow hackers to access the Guest Operating System as root user
Apple Patch Reopens Security Vulnerability
OS update for iPhone should not be installed as it reopens security flaw that was previously patched
WhatsApp Flaw Unpatched For Over A Year, Says Check Point
Facebook was told about WhatsApp flaw over a year ago, but the vulnerability remain exploitable today
Apple Disables Watch Walkie-Talkie App
Vulnerability could have allowed people to listen in, so Apple takes decision to disable app
Nokia Slams Huawei For ‘Serious’ Security Flaws – Updated
Update – Nokia says that the comments of its CTO does not reflect its official view on the matter.
All Docker Versions Vulnerable To Unpatched Flaw – Report
All versions of Docker are vulnerable to serious flaw, but a patch is being reviewed
Intel ‘Zombieload’ Fix Prompts Processor Slowdown Fears
Meltdown and Spectre flashback? Researchers warn of data centre processor slowdown from Zombieload fix
Intel ‘Spoiler’ Chip Flaw Uncovered By Researchers
Return of the Spectre scare? Spoiler flaw could allow attacker to exploit how a PC’s memory works
Cisco Fixes Critical Flaw In Surveillance Appliances
The company discovered an undocumented, hard-coded root account in its surveillance management software that could be exploited by hackers to take over a system
Intel CPUs At Risk From Foreshadow Flaw
Not again. Intel rocked by another data stealing vulnerability that affects the secure CPU enclave
Bluetooth Pairing Bug To Be Repaired
Update coming for Bluetooth after pairing vulnerability could see attacker intercept communications
LocationSmart Flaw Reveals Location Data Of US Mobile Users
Oops. Customers of all major US mobile carriers have their location data leaked without their consent
Patch Tuesday Tackles Two Flaws Under Active Attack
Security updates tackles 67 vulnerabilities in total, including two zero-days being actively attacked
Serious Oracle Access Manager Vulnerability Patched
Oracle patches a serious vulnerability that could allow an attacker to impersonate arbitrary users (even admins)
Schneider Electric Software Flaws Leave Critical Infrastructure Vulnerable
Researchers from Tenable say critical infrastructure is vulnerable to cyber-attacks because of flaws
GitHub Inspection Discovers 4 Million Flaws In Public Code
Bug hunting. First inspection run of public code libraries reveals four million vulnerabilities
Microsoft Disables Intel’s Spectre Patch
Microsoft issues emergency update to disable Intel’s Spectre 2 patch, amid reports of data loss caused by reboots
Apple MacOS Has ‘Another’ Password Flaw
Questions for Apple’s quality control after yet another password vulnerability found in Mac OS
Nvidia Updates Software But Denies Impact From Meltdown & Spectre
CEO claims that Nvidia GPUs are immune to the flaws currently blighting CPUs from Intel, ARM and AMD
Patch Tuesday: Microsoft’s Last Security Update Of 2017 Targets Browsers
Web browser vulnerabilities receive the most attention from Microsoft in its pre Christmas update
Apple To Patch Zero-Day Vulnerability With HomeKit And iOS
Apple security credentials once again in spotlight after zero-day iOS HomeKit vulnerability is revealed