vulnerability
OpenSSL “Heartbleed” bug undermines widely used encryption scheme
OpenSSL, an open-source cryptographic library that is the default encryption engine for popular Web server software and is used in many popular operating system and apps, …
Record year for Facebook bug hunters
With nearly 15,000 submissions – 687 of which were valid and eligible for awards – 2013 has been a record year for Facebook’s bug bounty program. Add to this …
Details for 30 Oracle Java Cloud Service flaws revealed
Polish security start-up Security Explorations has publicly released technical details and Proof-of-Concept code for 30 security vulnerabilities they found in Oracle Java …
European Cybercrime Centre warns about Windows XP security risks
The European Cybercrime Centre (EC3) at Europol warns about security risks related to the end of Windows XP support. After 8 April 2014, Windows will stop supporting its …
Android bug can push devices into an endless reboot loop
A Proof-of-Concept app exploiting a recently discovered Android vulnerability that triggers the continuous rebooting of an affected device was apparently also behind the …
0-day Microsoft Word flaw exploited in targeted attacks
Microsoft has issued a security advisory warning of a remote code execution vulnerability that is being exploited in “limited, targeted attacks directed at Microsoft …
Flaws in Android update mechanism could turn apps into malware
A group of researchers from Indiana University and Microsoft Research have unearthed six Android vulnerabilities that can be exploited to turn apparently harmless apps into …
Full Disclosure mailing list closure elicits mixed reactions
The Full Disclosure mailing list has long been the perfect place for security researchers to disclose and discuss newly found vulnerabilities. But John Cartwright, one of its …
Gang wielding ColdFusion exploits expands botnet of hacked e-commerce sites
A German website of French automaker Citro?«n is the latest of the wide array of higher-profile webshop sites that have been compromised by a hacker gang leveraging Adobe …
Backdoor in Samsung Galaxy devices discovered
The developers of Replicant, a “fully free/libre version of Android”, have discovered a backdoor in a number of Samsung Galaxy devices that could allow attackers …
Criminals rush to exploit IE 0-day before the announced fix
Last week Microsoft has announced that today’s Patch Tuesday will include a fix for the critical IE zero-day vulnerability that was found exploited in watering hole …
GnuTLS library flaw opens way for MitM attacks
A critical cryptographic bug similar to the one recently discovered in iOS and OS X has been revealed to exist in the GnuTLS code library, widely used in open source software …
Featured news
Sponsored
Don't miss
- 100+ domains seized to stymie Russian Star Blizzard hackers
- October 2024 Patch Tuesday forecast: Recall can be recalled
- Best practices for implementing threat exposure management, reducing cyber risk exposure
- Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824)
- CUPS vulnerabilities could be abused for DDoS attacks