vulnerability
Compromising Macs with simple Gatekeeper bypass
Patrick Wardle, director of research at security firm Synack, has discovered a worryingly simple way to bypass OS X’s Gatekeeper defense mechanism: just bundle up a …
500 million users at risk of compromise via unpatched WinRAR bug
A critical vulnerability has been found in the latest version of WinRAR, the popular file archiver and compressor utility for Windows, and can be exploited by remote attackers …
Companies leave vulnerabilities unpatched for up to 120 days
Kenna studied the proliferation of non-targeted attacks and companies’ ability to mitigate these threats through the timely remediation of security vulnerabilities in their …
Too many vulnerable medical systems can be found online
How many critical medical systems can be found on the Internet, accessible to and hackable by remote attackers? According to security researchers Scott Erven and Mark Collao, …
Do security flaws with life-threatening implications need alternative disclosure?
If security researchers get no response from manufacturers when disclosing vulnerabilities with life-threatening implications, the majority of IT security professionals (64%) …
Vulnerabilities in security software leave users open to attacks
In most people’s minds, antivirus and security software equals better security. But thanks to security researchers who have taken it upon themselves to analyze some of …
WD My Cloud NAS devices can be hijacked by attackers
Researchers with security consultancy VerSprite have unearthed several vulnerabilities in Western Digital’s My Cloud NAS product, which can be exploited by local and …
26 vulnerabilities found in parental monitoring application
A new Citizen Lab report details results of two independent audits of the privacy and security of Smart Sheriff, a parental monitoring application that has been promoted by …
Critical Bugzilla flaw allows access to unpatched vulnerability information
Mozilla has patched a critical vulnerability (CVE-2015-4499) in its popular open source bug-tracking Bugzilla software – a vulnerability that can be exploited by …
iOS 9 partially fixes critical, easily exploitable AirDrop bug
Apple has released iOS 9. Along with many new and improved security and privacy features, fixes for a bucketload of security vulnerabilities have been included in this latest …
Persistent XSS flaw in SharePoint 2013 revealed, patched
Among the vulnerabilities patched earlier this month by Microsoft is an important one that endangers users of Microsoft SharePoint 2013, a web application platform in the …
Android 5 bug allows attackers to easily unlock password-protected devices
If you own a mobile device running any Android 5 version but the very last (v5.1.1) and you use a password to lock your device, you will want to update your OS or switch to a …
Featured news
Resources
Don't miss
- Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
- TikTok videos + ClickFix tactic = Malware infection
- DanaBot botnet disrupted, QakBot leader indicted
- Is privacy becoming a luxury? A candid look at consumer data use
- Unpatched Windows Server vulnerability allows full domain compromise