vulnerability
Critical 0-days found in CPE WAN Management Protocol
Check Point has released its findings of security concerns in CPE WAN Management Protocol (CWMP/TR-069) deployments, used by major ISPs globally to control business and …
Serious flaws in cell phone carrier control software found
At the Black Hat conference this week, two Accuvant researchers have disclosed serious security flaws in the carrier control software used in over 2 billion cellular devices …
Critical bug in WordPress plugin allows site hijacking
A popular WordPress plugin that allows site owners to easily customize the contact form has a critical vulnerability that can be exploited to download and remotely modify the …
Prioritizing vulnerabilities to close gaps where it matters
Core Security announced the latest version of the Core Attack Intelligence Platform, which consolidates, prioritizes and validates the overwhelming quantity of vulnerabilities …
DDoS attack volumes plummet as NTP servers got patched
Wise to attackers’ exploitation of the Network Time Protocol (NTP) vulnerability to create distributed reflection denial of service (DrDoS) attacks, information security …
The weak links in an increasingly dynamic threat landscape
The Cisco 2014 Midyear Security Report, released today at Black Hat, examines the “weak links” in organizations – outdated software, bad code, abandoned …
0-days found in Symantec Endpoint Protection
While testing of the systems and networks of a financial services company, a team of penetration testers from Offensive Security have unearthed a number of vulnerabilities, …
97% of Global 2000 remain vulnerable to due to Heartbleed
97 percent of Global 2000 organizations’ public-facing servers remain vulnerable to cyber attacks due to incomplete Heartbleed remediation, according to Venafi. This …
Researchers successfully attack Android through device’s speaker
A group of researchers from the Chinese University of Hong Kong have demonstrated that even applications with zero permissions can be used to launch attacks that allow …
AV engines are riddled with exploitable bugs
A security researcher has found a great number of exploitable vulnerabilities in popular security solutions and the AV engines they use, proving not only that AV engines are …
40% of orgs running VMware still susceptible to Heartbleed
More than three months have passed since the discovery of the OpenSSL Heartbleed bug, and many systems are still vulnerable. According to data collected by data analytics …
Internet Explorer vulnerabilities increase 100%
Bromium Labs analyzed public vulnerabilities and exploits from the first six months of 2014. The research determined that Internet Explorer vulnerabilities have increased more …
Featured news
Resources
Don't miss
- Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
- TikTok videos + ClickFix tactic = Malware infection
- DanaBot botnet disrupted, QakBot leader indicted
- Is privacy becoming a luxury? A candid look at consumer data use
- Unpatched Windows Server vulnerability allows full domain compromise