vulnerability

Four high-profile vulnerabilities in HTTP/2 revealed
Imperva released a new report at Black Hat USA 2016, which documents four high-profile vulnerabilities researchers at the Imperva Defense Center found in HTTP/2, the new …

Kaspersky Safe Browser iOS app sports MITM SSL certificate bug
Security researcher David Coomber has unearthed a vulnerability (CVE-2016-6231) in the Kaspersky Safe Browser iOS app that effectively contradicts its name. As it turns out, …

Intel Crosswalk bug invalidates SSL protection
A bug in the Intel Crosswalk Project library for cross-platform mobile development can open users to man-in-the-middle attacks, researchers from Nightwatch Cybersecurity have …

Osram’s intelligent home lighting system is riddled with flaws
“Intelligent” home lighting system Osram Lightify sports a number of security vulnerabilities, some of which could lead to compromise of the product and the …

LastPass zero-day can lead to account compromise
A zero-day flaw in the popular password manager LastPass can be triggered by users visiting a malicious site, allowing attackers to compromise the users’s account and …

Low-cost wireless keyboards open to keystroke sniffing and injection attacks
Bastille Networks researcher Marc Newlin has discovered a set of security vulnerabilities in low-cost wireless keyboards that could be exploited to collect all passwords, …

50+ vulnerabilities found in popular home gateway modems/routers
Researcher Gergely Eberhardt with Hungarian security testing outfit SEARCH Laboratory has unearthed over fifty vulnerabilities in five home gateway modems/routers used by …

Amazon Silk browser removes Google’s default encryption
Google’s good intentions of keeping searches made via its search engine protected through default encryption have been stymied by Amazon. A bug in the Amazon Silk …

Critical holes in Micro Focus Filr found, plugged
Popular enterprise file management and collaborative file sharing solution Micro Focus Filr sports half a dozen security flaws, most of which can be exploited – either …

Warframe, Clash of Kings players’ info stolen after forum hacks
Two new website hack/ user data theft combos have been revealed last week, and the victims are players of popular mobile real time strategy game Clash of Kings and online …

Dell SonicWALL GMS comes with hidden default account
While developing new audit modules for the company’s vulnerability scanning technology, Digital Defense researchers found six vulnerabilities in Dell’s SonicWALL …

Vulnerabilities affecting SAP HANA and SAP Trex put 10,000 customers at risk
Onapsis released new security advisories detailing vulnerabilities in SAP HANA and SAP Trex. Included in the advisories is a critical risk vulnerability that could be used to …
Featured news
Resources
Don't miss
- Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
- TikTok videos + ClickFix tactic = Malware infection
- DanaBot botnet disrupted, QakBot leader indicted
- Is privacy becoming a luxury? A candid look at consumer data use
- Unpatched Windows Server vulnerability allows full domain compromise