vulnerability
Warding off security vulnerabilities with centralized data
This is the second article of a series, the first article is available here. File access permissions Having a system that lets you set the proper permissions and prevents …
Attackers increasingly exploiting vulnerabilities to enlarge their IoT botnets
Attackers looking to add IoT devices to their botnets are increasingly adding vulnerability exploitation to their attack arsenal, Netscout researchers warn. Instead on just …
Another API bug spurs Google to ditch consumer Google+ sooner than planned
Google has unearthed another Google+ API bug, which prompted it to accelerate the sunsetting of all Google+APIs and that of the consumer version of Google+. The API bug The …
Critical Kubernetes privilege escalation flaw patched, update ASAP!
A critical privilege escalation vulnerability affecting the popular open source cluster management and container orchestration software Kubernetes has been patched on Monday. …
Vulnerability discovered in safety controller configuration software
Gjoko Krstic, an Applied Risk researcher, has discovered a vulnerability in Pilz PNOZmulti Configurator software that allows a local attacker to read sensitive data in …
Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
Adobe has released a Flash Player update that plugs a critical vulnerability (CVE-2018-15981) that could lead to remote code execution, and is urging users to implement it as …
“Classic” bugs open TP-Link’s SafeStream Gigabit Broadband VPN Router to attack
Cisco Talos researchers have flagged four serious vulnerabilities in TP-Link’s SafeStream Gigabit Broadband VPN Router (TL-R600VPN). All four affect the device’s …
Helping researchers with IoT firmware vulnerability discovery
John Toterhi, a security researcher with IoT security company Finite State, believes that many of the security problems plaguing IoT devices are solvable problems through …
November 2018 Patch Tuesday: Microsoft fixes 63 flaws, one actively exploited zero-day
As part of the November 2018 Patch Tuesday, Microsoft has released 62 security patches and several advisories. There are 12 critical vulnerabilities among those patched this …
DJI plugs security flaws that could have enabled access to users’ data and drone images
Researchers at Check Point and DJI today shared details of a potential vulnerability that could have impacted DJI’s infrastructure. Vulnerability impact If exploited, the …
Self-encrypting SSDs vulnerable to encryption bypass attacks
Researchers have discovered security holes in the hardware encryption implementation of several solid state disks (SSDs) manufactured by Crucial (owned by Micron) and Samsung, …
Apache Struts 2.3.x vulnerable to two year old RCE flaw
The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited …
Featured news
Resources
Don't miss
- Google agrees to pay $135 million over Android data harvesting claims
- SolarWinds fixes critical Web Help Desk RCE vulnerabilities, upgrade ASAP!
- Open-source malware zeroes in on developer environments
- Hottest cybersecurity open-source tools of the month: January 2026
- A practical take on cyber resilience for CISOs