Please turn on your JavaScript for this page to function normally.
Tor project
The Tor Project announces bug bounty program

Representatives of the Tor Project, the non-profit organization that maintains the software needed for using the Tor anonymity network and operates the Onion network, have …

Juniper Networks
ISC’s infocon turns yellow to reflect critical impact of Juniper backdoors

SANS Institute’s Internet Storm Center has raised its infocon status – the status of the condition of the Internet infrastructure – from green to yellow, …

match fire
Critical ScreenOS bugs allow undetectable decryption of VPN connections, device hijacking

Juniper Networks has discovered and patched a critical, high-impact vulnerability affecting ScreenOS on its NetScreen devices, and is advising customers to update their …

Tux
Linux machines can be “owned” by hitting backspace 28 times

Taking over a Linux machine that has been locked with a password can be as easy as pressing the backspace key 28 times, two researchers from the Cyber Security Research Group …

Bug
XSS, SQLi bugs found in several Network Management Systems

Network Management System (NMS) offerings by Spiceworks, Ipswitch, Opsview and Castle Rock Computing have been found sporting several cross-site scripting and SQL injection …

Broken glass
Critical RCE bug in FireEye’s security appliances exploitable via email

Last week, FireEye has silently pushed out a patch for an extremely easy-to-exploit remote code execution bug affecting its NX, EX, FX and AX Series security appliances in …

Joomla
Critical Joomla RCE bug actively exploited, patch immediately!

An eight-year-old Joomla critical remote code execution vulnerability, which is being actively exploited in attacks in the wild, has been patched by the developers of the …

Flaws in industrial gas detectors exploitable by low-skilled attackers

Two industrial gas detector product lines manufactured by Honeywell sport two remotely exploitable vulnerabilities that can allow an attacker to retrieve the user’s …

Four critical Android bugs patched, one could lead to permanent device compromise

Google’s December security update for Android has been pushed out to Nexus devices on Monday, and it contains fixes for 19 vulnerabilities, four of which are deemed …

Millions of smartphones, IoT devices risk compromise due to 3-year-old bug

Can you believe that an estimated 6.1 million smart phones, routers, and smart TVs are vulnerable to remote code execution attacks due to security bugs that have been fixed …

High-impact DoS flaw patched in Node.js, update as soon as possible

The Node.js Foundation has pushed out a patch for its eponymous open source, cross-platform runtime environment for developing server-side web applications. The fix plugs two …

Elasticsearch servers actively targeted by botmasters

Elasticsearch is one of the most popular choices when it comes to enterprise search engines.Unfortunately, a couple of remote code execution flaws (CVE-2015-5377, …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools