Please turn on your JavaScript for this page to function normally.
Netgear D6000
Netgear removes crypto keys hard-coded in routers

Qualys security researcher Mandar Jadhav has discovered two serious vulnerabilities in Netgear D6000 and D3600 modem routers, which can be exploited to gain access to the …

Google Chrome
Bug in Chrome’s PDF reader allows arbitrary code execution

Vulnerabilities in software often arise from faulty implementations of elements developed by other code writers. Take for example CVE-2016-1681, the heap-based buffer overflow …

Facebook
Vulnerabilities in Facebook Chat and Messenger exploitable with basic HTML knowledge

Check Point’s security research team has discovered vulnerabilities in Facebook’s standard online Chat function, and its separately downloaded Messenger app. The …

Ubee EVW3226
Flaws in Ubee router can facilitate attacks on connected networks

Researchers have discovered five critical vulnerabilities in Ubee EVW3226, a VoIP cable modem router used by operators across Europe, which can be exploited to compromise the …

Lenovo
Lenovo tells users to uninstall vulnerable Accelerator app

In the wake of Duo Security’s report on the critical vulnerabilities sported by Original Equipment Manufacturer (OEM) updaters loaded on popular laptop and desktop …

KeePass
KeePass update check MitM flaw can lead to malicious downloads

Open source password manager KeePass sports a MitM vulnerability that could allow attackers to trick users into downloading malware disguised as a software update, security …

Bug
Bug poachers target businesses, demand money for bug info

Businesses are being hit with an extortion attempt based on attackers penetrating their network or websites and stealing corporate or user data. The attackers don’t say …

Twitter paid out $322,420 in bug bounties

Researchers have proven that bug bounties are a cheaper way for discovering vulnerabilities than hiring full-time bug hunters would be and, in the last few years, many …

LG G3
Check Point finds dangerous vulnerabilities in LG mobile devices

Check Point found two vulnerabilities which can be used to elevate privileges on LG mobile devices to attack them remotely. These vulnerabilities are unique to LG devices, …

industry
ICS-CERT warns about vulnerable SCADA system that can’t be updated

A web-based SCADA system deployed mainly in the US energy sector sports vulnerabilities that may allow attackers to perform configuration changes and administrative operations …

https
Faulty TLS implementation opens VISA sites, users to attack

A group of researchers has discovered 184 HTTPS servers that are wide open to attackers looking to inject seemingly valid content into encrypted sessions. Some of these …

Bug
WPAD name collision bug opens door for MitM attackers

A vulnerability in Web Proxy Auto-Discovery (WPAD), a protocol used to ensure all systems in an organization utilize the same web proxy configuration, can be exploited to …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools