vulnerability
Firefox loses opportunistic encryption feature due to critical flaw
Less than a week after it made Firefox 37 available for download, Mozilla is pulling one of the security features it implemented. Mozilla is urging users to update again, to …
Critical flaw in WiFi routers puts hotels and millions of guests at risk
A critical vulnerability in ANTlabs InnGate devices, a popular Internet gateway for visitor-based networks and commonly installed in hotels and convention centers, has been …
Crowdsourcing your bug bounty program
In this interview, David Levin, Director of Information Security at Western Union, talks about crowdsourcing their bug bounty program and the lessons learned along the way. …
Half of all Android devices vulnerable to installer hijacking attacks
A critical Android vulnerability that has been discovered over a year ago and responsibly disclosed to Google and other Android manufacturers can be exploited by attackers to …
15,435 vulnerabilities across 3,870 applications were recorded in 2014
In 2014, 15,435 vulnerabilities were discovered according to data from Secunia Research. The vulnerabilities are spread across 3,870 applications published by 500 different …
Old Adobe Flex SDK bug still threatens users of many high-profile sites
An old vulnerability affecting old releases of the Adobe Flex SDK compiler can be exploited to compromise user data of visitors to many popular sites, including three of most …
Flaw in Hilton Honors website left all customer accounts wide open
The discovery of a vulnerability in the Hilton HHonors website that could lead to account hijacking and information theft has put a temporary stop to Hilton Hotels & …
Cisco Small Business IP phones vulnerable to eavesdropping
Cisco has confirmed the existence of a flaw affecting its Small Business SPA 300 and 500 series IP phones that can be exploited by attackers to listen to the audio stream of …
WordPress plugin used by millions sports critical site-hijacking flaw
Another popular Yoast WordPress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site. A week ago it was …
Pinterest swaps T-shirts for money rewards in bug bounty program
After having migrated their online properties to HTTPS and having sorted out the main problems that arose from the move, Pinterest is ready to pay researchers for information …
Many Android and iOS apps still vulnerable to FREAK attacks
Your browser may no longer be vulnerable to FREAK attacks, but what about the mobile apps you use? According to FireEye researchers, who have tested the most popular apps both …
Search for vulnerable servers unearths weak, thousands-times repeated RSA keys
A group of researchers from the Information Security Group from Royal Holloway, University of London, wanted to see how many TLS servers still supported the weak, export-grade …
Featured news
Sponsored
Don't miss
- Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!
- LastPass users targeted by vishing attackers
- Protobom: Open-source software supply chain tool
- The key pillars of domain security
- Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)