Windows 10 DHCP vulnerability allows for remote code execution

The vulnerability in Windows 10 and Windows Server 2019 gives attackers an entry point for further exploitation when combined with other vulnerabilities. A pair of vulnerabilities in the DHCP client in Windows 10 and Windows Server 2019 allows attackers to execute code remotely, according to researchers at security firm Positive Technologies. DHCP is used on wired and wireless networks to assign IP addresses and other network configuration information. “An attacker…

March 22, 2019
Read More >>

Data protection: Top 3 business challenges

More than a quarter of businesses experienced irreparable data loss in the past year, according to a Dell EMC survey. The amount of data enterprises are collecting and managing is exploding, and with that comes problems protecting it, according to a Thursday report from Dell EMC. More about Big Data The average amount of data managed rose from 1.45 PB in 2015 to 9.70 PB in 2018, the survey of…

March 22, 2019
Read More >>

Vulnerability in Android Instant Apps can be used to steal history, authentication tokens

Google’s Instant Apps feature allows you to try apps before installing them, though a vulnerability allows attackers to abuse the feature to steal data. A vulnerability in Android’s WebView component allows attackers to steal cookies and collect personal information—including browsing history and authentication tokens—according to Positive Technologies security researcher Sergey Toshin. The vulnerability, designated as CVE-2019-5765, was patched in January, though it is somewhat difficult to determine if you have…

March 21, 2019
Read More >>