Sophos said it is fixing a vulnerability in its Cyberoam firewall appliances, which a security researcher says can allow an attacker to gain access to a company’s internal network without needing a password. The vulnerability allows an attacker to remotely gain “root” permissions on a vulnerable device, giving them the highest level of access, by […] Source: Bug in popular firewall exposed corporate networks to hackers – TechCrunch
CVE-2019-16920 allows remote unauthenticated attackers to execute code on a target device. Source: D-Link Home Routers Open to Remote Takeover Will Remain Unpatched
Users of the iTerm2 terminal app are encouraged to update as soon as possible. Source: Critical remote code execution flaw fixed in popular terminal app for macOS
October 10, 2019
Windows 10 is spying on your every move: here’s why and how to stop it | Emsisoft | Security Blog
The Windows 10 privacy agreement isn’t so much a revelation as a sign of the times. This week, the Emsisoft team explored the ways in which Windows 10 harvests your personal data and what it is used for. Source: Windows 10 is spying on your every move: here’s why and how to stop it | Emsisoft | Security Blog
FBI warns about SIM swapping and tools like Muraen and NecroBrowser. Source: FBI warns about attacks that bypass multi-factor authentication (MFA) | ZDNet