vulnerability
Major vulnerability in Tinder dating app allowed user tracking
Include Security unveiled new research showing that users of the popular online dating app Tinder were at significant risk due to a vulnerability they discovered in the …
70% Android devices vulnerable to released remote access exploit
The recent release of a Metasploit module that allows attackers to remotely access (“get shell”) on most Android-running devices has again raised a very good …
Half a million Belkin WeMo users are wide open to attackers
IOActive has uncovered multiple vulnerabilities in Belkin WeMo Home Automation devices that could affect over half a million users. Belkin’s WeMo uses Wi-Fi and the …
IE 0-day used in watering hole attack tied to previous campaigns
An Internet Explorer zero-day vulnerability (CVE-2014-0322) is actively exploited in the wild in a watering-hole attack targeting visitors to the official website of the U.S. …
Security vulnerability in the Duo WordPress two-factor authentication plugin
During an internal assessment, Duo Security found a vulnerability in their popular WordPress two-factor authentication plugin that completely bypasses the security measures …
Absolute Computrace anti-theft software can be remotely hijacked
Kaspersky Lab’s security research team published a report confirming and demonstrating that the weak implementation of anti-theft software marketed by Absolute Software …
Older Flash Player vulnerability exploited in the wild
Microsoft researchers have also recently discovered several attacks in the wild exploiting another Flash Player vulnerability (CVE-2013-5330) on Windows, Linux and OS X. This …
Facebook bug prevents revocation of app permissions
Developers working for privacy software vendor MyPermissions claim to have discovered a critical vulnerability in Facebook’s code. The flaw can be exploited to make it …
Microsoft to keep next Patch Tuesday light
Microsoft continues the trend they started last month of keeping patch Tuesday relatively light. There are only five advisories this month – two critical, three …
Adobe Flash flaw exploited in the wild, update now
Adobe has released an emergency patch for a critical vulnerability affecting Flash Player for Windows, Linux and OS X, the exploitation of which can result in an attacker …
Windows, IE, Java are most vulnerable
When compared with the numbers from the previous year, 2013 has seen an increase in reported security vulnerabilities and, what’s more, the number of critical …
GitHub sets up bug bounty program
GitHub is the latest service to announce that they have started a security bug bounty program. “The idea is simple: hackers and security researchers find and report …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege