vulnerability
Hackers can use subtitles to take over millions of devices running VLC, Kodi, Popcorn Time and Stremio
Check Point researchers revealed a new attack vector threatening millions of users of popular media players, including VLC, Kodi (XBMC), Popcorn Time and Stremio. By crafting …
SCADA systems plagued by insecure development and slow patching
“Behind most modern conveniences, there exists a SCADA system somewhere that controls them,” Trend Micro researchers pointed out in a new report that delves in the …
Who’s responsible for fixing SS7 security issues?
The WannaCry ransomware onslaught has overshadowed some of the other notable happenings this month, including the spectacular Google-themed phishing/spamming attack, and the …
Joomla users: Update immediately to kill severe SQLi vulnerability
Version 3.7 of Joomla, pushed out less than a month ago, opens websites to SQL injection attacks, Sucury Security researchers have found. As explained by researcher …
Who are we kidding? WannaCry is not a first
On Friday, May 12, 2017, the world was alarmed to discover that cybercrime has reached a new record, in a widespread ransomware attack dubbed WannaCry that is believed to have …
Apple issues security updates for macOS, iDevices
It’s time to patch your Mac, iDevices and software again: Apple has released security updates for MacOS (all the way back to Yosemite), iOS, watchOS, tvOS, iTunes, …
Stealing Windows credentials using Google Chrome
Attacks that leak authentication credentials using the SMB file sharing protocol on Windows OS are an ever-present issue, exploited in various ways but usually limited to …
HP pushes out fix for keylogging audio driver in its laptops
Swiss security consultancy Modzero revealed on Thursday that a number of HP laptops contain an audio driver that logs users’ keystrokes and stores them in an unencrypted …
40 Asus RT routers open to attack through web interface vulnerabilities
If you own an Asus RT wireless router, and you haven’t updated its firmware for a while, now is the time to do it. Researchers from Nightwatch Cybersecurity have …
Defeating Magento security mechanisms: Attacks used in the real world
DefenseCode recently discovered and reported multiple stored cross-site scripting and cross-site request forgery vulnerabilities in Magento 1 and 2 which will be addressed in …
Google found over 1,000 bugs in 47 open source projects
In the last five months, Google’s OSS-Fuzz program has unearthed over 1,000 bugs in 47 open source software projects, and it’s ready to integrate even more of …
Microsoft plugs crazy bad bug with emergency patch
On Monday night, Microsoft released a critical out-of-band security update for the Microsoft Malware Protection Engine, to plug an easily exploitable bug that could allow …