Researchers found a new iOS vulnerability called “trustjacking,” which exploits a feature called iTunes Wi-Fi Sync to give attackers persistent control over victims’ devices.
Threatpost’s Tom Spring and Lindsey O’Donnell talk about the top security trends that they are watching out for at the 2018 RSA Conference this week in San Francisco.
Microsoft is looking to target new speculative execution side channel vulnerabilities – similar to Spectre and Meltdown – with a new bug bounty program.
Data collected from the freely available scanner called EternalBlues shows that tens of thousands of computers remain vulnerable to the SMBv1 vulnerability that spawned WannaCry and ExPetr.
SquirrelMail suffers from a remote code execution vulnerability that could let attackers execute arbitrary commands on the target and compromise the remote system.