vulnerability
Flaw in Visa’s contactless payment system could lead to fraud
Researchers from Newcastle University have discovered a serious flaw in Visa’s contactless credit cards which could allow attackers to siphon large amounts of money off …
What’s jeopardizing the safety of your datacenter?
Datacenters are fraught with hidden operational hazards, and because virtual infrastructure is extremely complex and dynamic, many vulnerabilities go undetected and can be …
Assume your Drupal 7 site has been compromised
Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL …
Two exploit kits prey on Flash Player flaw patched only last week
Two exploit kits have been outfitted with the exploit for a Flash Player vulnerability that has been patched only a week ago, the researcher that goes by the handle Kafeine …
Windows 0-day exploited in ongoing attacks, temporary workarounds offered
Microsoft is warning users about a new Windows zero-day vulnerability that is being actively exploited in the wild and is primarily a risk to users on servers and workstations …
Easily exploitable Drupal bug can lead to total site compromise
Admins of sites that run Drupal 7 are advised to update to the latest version of the platform – version 7.32 – because it fixes a critical SQL injection …
New OpenSSL updates fix POODLE, DoS bugs
The OpenSSL Project has pushed out new releases of the popular eponymous open-source cryptographic library, which fix four serious vulnerabilities, including the POODLE …
Facebook doubles bounties for bugs in ads code
Facebook has announced that all vulnerabilities affecting the company’s ads code will now be worth twice as much to the bug hunters who find and responsibly disclose …
Microsoft patches two more 0-days actively used by attackers
With this month’s Patch Tuesday, Microsoft has provided patches for several critical vulnerabilities that allow remote code execution, some of which have been or are …
4 million UPnP devices may be vulnerable to attack
Akamai has observed the use of a new reflection and amplification DDoS attack that deliberately misuses communications protocols that come enabled on millions of home and …
POODLE vulnerability: The end of life of SSL 3.0
There is a critical security vulnerability in SSL 3.0 which allows attackers to calculate the plaintext of encrypted connections, and it will likely spell the end of the use …
Russian espionage group used Windows 0-day to target NATO, EU
In today’s Patch Tuesday, Microsoft will be releasing a wide variety of patches, and among them will be one for a zero-day vulnerability that has been used in a …
Featured news
Sponsored
Don't miss
- Ransom recovery costs reach $2.73 million
- What is cybersecurity mesh architecture (CSMA)?
- New SOHO router malware aims for cloud accounts, internal company resources
- Dropbox says attackers accessed customer and MFA info, API keys
- 2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element