Apache Tomcat Affected by Serious 'Ghostcat' Vulnerability

A serious vulnerability affecting Apache Tomcat can be exploited to read files from a server and in some cases even to achieve remote code execution.

read more

from SecurityWeek RSS Feed https://ift.tt/2T6Gbde
via https://ifttt.com/ IFTTT

GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat

If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. Yes, that's possible because all versions (9.x/8.x/7.x/6.x) of the Apache Tomcat released in the past 13 years have been found vulnerable to a new high-severity 'file read and inclusion bug'—which can

from The Hacker News https://ift.tt/3af3RSp
via https://ifttt.com/ IFTTT

Microsoft Boosts PUA Protections in Edge

Microsoft this week announced new features in its Edge browser to prevent the download of potentially unwanted applications (PUA).

read more

from SecurityWeek RSS Feed https://ift.tt/2vnp8KI
via https://ifttt.com/ IFTTT

ProtonMail Fights Email Spoofing With New DKIM Key Management Feature

ProtonMail on Thursday introduced a new feature designed to make it more difficult for hackers and spammers to impersonate users who have custom domain email addresses.

The new feature, DKIM key management, is currently in beta and users have been encouraged to share feedback to help ProtonMail developers improve it.

read more

from SecurityWeek RSS Feed https://ift.tt/2TrVf4d
via https://ifttt.com/ IFTTT

Assange's UK Extradition Hearing Paused Until May

A British judge on Thursday paused Julian Assange's extradition hearing following four days of intense legal wrangling over Washington's request for the WikiLeaks founder to stand trial there on espionage charges.

read more

from SecurityWeek RSS Feed https://ift.tt/393OUSZ
via https://ifttt.com/ IFTTT

Let's Encrypt Issues Over 1 Billion Certificates

Free and open certificate authority Let’s Encrypt on Thursday issued its billionth certificate, four and a half years after issuing the first certificate.

read more

from SecurityWeek RSS Feed https://ift.tt/2T6O1mV
via https://ifttt.com/ IFTTT

Киберпреступники активно ищут уязвимые Microsoft Exchange Servers

Эксперты в области безопасности предупреждают: киберпреступники в настоящее время активно сканируют Сеть на наличие уязвимых установок Microsoft Exchange Servers. Цель злоумышленников — эксплуатация бреши CVE-2020-0688, которая приводит к удалённому выполнению кода.

from Новости информационной безопасности - Anti-Malware.ru https://ift.tt/2Pw4Y8r
via https://ifttt.com/ IFTTT

Intel Patched Over 230 Vulnerabilities in Its Products in 2019

Intel patched over 230 vulnerabilities in its products last year, but less than a dozen impacted its processors, according to the company’s 2019 Product Security Report.

read more

from SecurityWeek RSS Feed https://ift.tt/2I0fbFY
via https://ifttt.com/ IFTTT