vulnerability
Optionsbleed bug makes Apache HTTP Server leak data from memory
On Monday, security researcher Hanno Böck detailed a memory-leaking vulnerability in Apache HTTP Server that’s similar to the infamous OpenSSL Heartbleed bug uncovered …
Equifax breach happened because of a missed patch
The attackers who breached Equifax managed to do so by exploiting a vulnerability in its US website, the company has finally confirmed. The vulnerability – CVE-2017-5638 …
Patch Tuesday: 80+ vulnerabilities fixed, one exploited in the wild
As part of its regular, monthly Patch Tuesday update, Microsoft has released patches for 81 new vulnerabilities, including a zero-day in the .NET Framework. The September …
Billions of Bluetooth-enabled devices vulnerable to new airborne attacks
Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute …
Equifax attackers got in through an Apache Struts flaw?
Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to …
Patch your Android device to foil Toast Overlay attacks
Overlay attacks are nothing new for Android users, and Palo Alto Networks Unit 42 researchers have found yet another way for attackers to perpetrate them. An “overlay attack” …
Syringe infusion pumps can be fiddled with by remote attackers
A syringe infusion pump used in acute care settings sports eight vulnerabilities, some of which could be exploited by remote attackers to impact the intended operation of the …
Equifax breach: Sensitive info, SSNs of 44% of U.S. consumers accessed by attackers
Equifax, one of the three largest American credit agencies, has announced that it has suffered a “cybersecurity incident” affecting some 143 million U.S. …
Security flaw affects 750,000 Estonian ID cards
An international group of cryptographers has flagged a serious security vulnerability in the chip embedded in Estonian ID cards, the country’s Information System …
Easily exploitable Apache Struts vulnerability opens businesses to attack
A critical vulnerability in Apache Struts, a popular open source framework for developing web applications, opens any server running an app built using it to remote attackers. …
Hackers stole contact info of 6 million Instagram users and are selling it online
Last week, Instagram pushed out a patch for a bug in the service’s API that allowed attackers to discover users’ email address and/or phone number. Facebook-owned …
Advantech fixes serious vulns in WebAccess HMI/SCADA software
Advantech has plugged nine security holes in WebAccess and has urged users to upgrade the software as soon as possible. Advantech WebAccess is a web browser-based software …
Featured news
Resources
Don't miss
- Are we securing AI like the rest of the cloud?
- How exposure-enriched SOC data can cut cyberattacks in half by 2028
- Europe’s AI strategy: Smart caution or missed opportunity?
- Why AI agents could be the next insider threat
- Money mule networks evolve into hierarchical, business-like criminal enterprises