Vulnerabilities

PHP vulnerabilities patched

By

Developers patched multiple vulnerabilities in PHP that would have allowed remote code execution.

Vulnerabilities addressed in Apple TV 7.0.1, iOS 8.1 updates

By

The iOS 8.1 update comes with a fix to a vulnerability known as POODLE, which can enable an attacker to decrypt data protected by SSL.

Apple OS X Yosemite contains bug fixes, Security Update also released

By

Apple OS X Yosemite includes fixes for more than 40 vulnerabilities, including POODLE and Shellshock.

FireEye pegs top Java exploits and EKs using them

By

A report details the three most commonly exploited Java bugs affecting users.

Updates, changes to security, could lessen POODLE's bite

Updates, changes to security, could lessen POODLE's bite

By

Security pros urge operators and users to nix support for the popular, but antiquated, SSL v3.0.

Securing the autonomous vehicle

Securing the autonomous vehicle

We are now in the fast lane towards a driverless future. Will we have to brake for hackers?

Drupal core contains 'highly critical' SQL injection vulnerability

By

Upgrading to Drupal core 7.32 will address the vulnerability, which could lead to privilege escalation and arbitrary PHP execution if exploited.

POODLE exploits SSL 3.0 fallback

POODLE exploits SSL 3.0 fallback

By

Researchers at Google have discovered a flaw in SSL 3.0 that allows attackers to exploit the popular cryptography protocol and intercept communications.

Shellshock used to amass botnet and execute phishing campaign

By

Researchers found that the botnet contained 360 bots and was used to target Spanish-speaking Citibank customers.

Malicious ads on YouTube direct users to Sweet Orange exploit kit

By

The campaign targeted users running vulnerable versions of Internet Explorer.

Adobe fixes Flash Player, ColdFusion flaws

By

Adobe addressed nine Flash Player flaws in three CVEs, giving four bugs the company's highest priority rating.

On Patch Tuesday, Microsoft plugs 24 bugs, including three zero-days

On Patch Tuesday, Microsoft plugs 24 bugs, including three zero-days

By

For the month of October, the tech giant released eight patches, including three critical fixes.

Zero-day attackers exploit Windows kernel, Patch Tuesday brings fix

Zero-day attackers exploit Windows kernel, Patch Tuesday brings fix

By

FireEye researchers say that two zero-day flaws were used in separate, unrelated attacks.

Faulty UBC software exposed student financial information

By

Students at the University of British Columbia have been warned that their personal information may have been exposed thanks to a software bug.

Microsoft schedules nine bulletins for Patch Tuesday update

Microsoft schedules nine bulletins for Patch Tuesday update

By

Out of the nine bulletins, three will address critical RCE bugs in its products.

Cisco addresses numerous vulnerabilities in ASA software

Cisco addresses numerous vulnerabilities in ASA software

By

Many of the vulnerabilities can lead to a denial-of-service condition, but others could result in a full compromise of the affected system.

Google shells out $75K in bug bounties for Chrome 38 release

By

Google has paid more than $75,000 in bug bounties to security researchers who helped discover flaws patched in its recent release of Chrome 38.

Apple iOS 8 bug reportedly deleting iWork docs

By

MacRumors forum users are reporting that the bug is deleting their iCloud documents, and in some cases, the docs could be permanently lost.

What You Need to Know about Securing Access to Your Private Cloud

Moving enterprise apps to the cloud is becoming a very attractive option for organizations striving to cut IT costs while improving agility and scalability.

Mozilla patches Bugzilla bug that revealed details on flaws

By

Mozilla has updated its Bugzilla tracking program to patch security holes, including a flaw that exposed bugs that security researchers are patching.

The worst of Shellshock might have already passed

The worst of Shellshock might have already passed

By

Slightly more than a week after the bug's disclosure, the attacks on domains might have already peaked, according to new research.

Researchers release BadUSB code at Derbycon

By

Two months after SR Labs demonstrated that flaws allow malware to infect USB devices, two researchers have taken the code public.

Google bumps maximum Chrome bug bounty reward to $15K

By

A high-quality report with a functional exploit for a sandbox escape will earn a bug hunter $15,000, according to the new reward amounts.

Cash is king...for now

Cash is king...for now

By

A slide of a card at a POS system sure is convenient, but given last year's Target data theft and recent headlines about the Home Depot breach, some are questioning the safety of transactions.

Debate: Password managers are secure enough for enterprise users.

Chris Weber, co-founder, Casaba Security, and Geoffrey Vaughan, security consultant, Security Compass, go head to head on the use of password managers in the enterprise.

Android bug allowing SOP bypass farther reaching than initially thought

By

Researchers found that 42 out of the top 100 apps in the Google Play store with 'browser' in their names were vulnerable.

Apple addresses Bash bug with new update

By

The tech company issued an update for OS X Mavericks, Mountain Lion and Lion earlier this week.

Kevin Mitnick to sell zero-day exploits

By

Kevin Mitnick's new venture will develop and procure zero-day exploits, then sell them for $100,000 or more.

Apple releases iOS 8.0.2 to quell buggy update complaints

Apple releases iOS 8.0.2 to quell buggy update complaints

By

The update comes soon after the company released iOS 8.0.1, which caused issues for iPhone 6 and iPhone 6 Plus users.

Attackers quick to exploit Bash bug, security industry responds quicker

Attackers quick to exploit Bash bug, security industry responds quicker

By

Less than a week after the vulnerability's discovery and only a day after it was revealed, cybercriminals began exploiting the bug to create botnets and determine future attacks.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US