vulnerability
Angler exploit kit goes after new Adobe Flash 0-day flaw
An exploit for a still officially unconfirmed zero-day vulnerability in Adobe Flash Player has been added to the popular Angler exploit kit and is, along with exploits for …
GoDaddy fixes domain-hijacking vulnerability
Security engineer Dylan Saccomanni has discovered a critical CSRF vulnerability that can be exploited to take over domains registered with Go Daddy, and has forced the popular …
Oracle patches 169 vulns across its products, many are critical
On Tuesday Oracle released its quarterly Critical Patch Update, which addressed a total of 169 vulnerabilities across multiple products, including Java SE (Standard Edition). …
Home routers in Spain and Argentina sport critical vulnerabilities
Spanish security researcher Eduardo Novella has discovered two critical vulnerabilities affecting a specific ADB Pirelli home wireless router deployed by Spanish broadband …
Unfazed by Microsoft’s criticism, Google discloses another Windows 8.1 flaw
Google apparently has no mercy for Microsoft’s developers, and is determined to stick to its 90-day deadline for fixing software flaws, as it publicly released details …
WhiteHat Aviator browser is not secure, says Google developer
Late last week WhiteHat Security open sourced Aviator, its Chromium-based browser that has been marketed as “the most secure browser online.” The browser offers …
Corel DLL hijacking vulnerability could allow arbitrary command execution
Corel has developed a wide range of products including graphics, photo, video and office software. When a file associated with the Corel software is opened, the directory of …
Microsoft scolds Google for lack of flexibility in vulnerability disclosure
Microsoft is not pleased with Google’s recent release of the details of a zero-day Windows 8.1 vulnerability and the code that can be used to exploit it, and has …
Asus wireless router flaw opens network to local attackers
A researcher has discovered a security hole in the firmware of several wireless Asus router models which could be exploited by an attacker to gain complete control of the …
OpenSSL release patches 8 vulnerabilities
The OpenSSL Project has released updates for the popular eponymous open-source library that implements the SSL and TLS protocols. The new releases – 1.0.1k, 1.0.0p and …
Gogo in-flight WiFi service serves fliers fake Google certs
Gogo, a noted provider of in-flight broadband Internet service, has been spotted serving a fake Google SSL certificate to fliers trying to access YouTube, effectively …
Moonpig shamed for not fixing customer data exposing flaw
Moonpig, a popular UK-based firm that sells personalised greeting cards, has put the personal and financial information of over 3 million of its customers in danger by using a …