vulnerability
Latest OS X update closes backdoor that allows root access
On Thursday Apple released another batch of updates for a variety of its products. The security update for OS X Yosemite (10.10.3) includes a fix for a four-year-old …
MitM, DoS bugs in Network Time Protocol squashed
Two vulnerabilities affecting Network Time Protocol (NTP), which is used for synchronizing clocks of computer systems, have been patched and made available in the latest …
IoT devices facilitate robbery, stalking and cybercrime
The foundation of the Internet of Things (IoT) – the devices themselves plus their associated mobile applications and cloud services – are often not designed with …
Firefox loses opportunistic encryption feature due to critical flaw
Less than a week after it made Firefox 37 available for download, Mozilla is pulling one of the security features it implemented. Mozilla is urging users to update again, to …
Critical flaw in WiFi routers puts hotels and millions of guests at risk
A critical vulnerability in ANTlabs InnGate devices, a popular Internet gateway for visitor-based networks and commonly installed in hotels and convention centers, has been …
Crowdsourcing your bug bounty program
In this interview, David Levin, Director of Information Security at Western Union, talks about crowdsourcing their bug bounty program and the lessons learned along the way. …
Half of all Android devices vulnerable to installer hijacking attacks
A critical Android vulnerability that has been discovered over a year ago and responsibly disclosed to Google and other Android manufacturers can be exploited by attackers to …
15,435 vulnerabilities across 3,870 applications were recorded in 2014
In 2014, 15,435 vulnerabilities were discovered according to data from Secunia Research. The vulnerabilities are spread across 3,870 applications published by 500 different …
Old Adobe Flex SDK bug still threatens users of many high-profile sites
An old vulnerability affecting old releases of the Adobe Flex SDK compiler can be exploited to compromise user data of visitors to many popular sites, including three of most …
Flaw in Hilton Honors website left all customer accounts wide open
The discovery of a vulnerability in the Hilton HHonors website that could lead to account hijacking and information theft has put a temporary stop to Hilton Hotels & …
Cisco Small Business IP phones vulnerable to eavesdropping
Cisco has confirmed the existence of a flaw affecting its Small Business SPA 300 and 500 series IP phones that can be exploited by attackers to listen to the audio stream of …
WordPress plugin used by millions sports critical site-hijacking flaw
Another popular Yoast WordPress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site. A week ago it was …
Featured news
Resources
Don't miss
- Product showcase: iStorage diskAshur PRO3
- As AI tools take hold in cybersecurity, entry-level jobs could shrink
- Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)
- How to land your first job in cybersecurity
- World Health Organization CISO on securing global health emergencies