vulnerability
OpenX / Revive Adserver zero-day actively exploited in the wild
A zero-day vulnerability that allows attackers to gain back-end access to popular open-source advertising server OpenX Source has been discovered by Florian Sander, founder of …
Mozilla blocks rogue add-on that made computers scan sites for flaws
A singular new botnet composed of over 12,500 infected computers has been used by its masters to effectively crowdsource the search for websites vulnerable to SQL injection …
Flaw in Nvidia’s rendering software allows hijacking of “computer farms”
A vulnerability in Nvidia mental ray, an extremely popular 3D-rendering software that is often used on “render farms”, could allow attackers to take control of …
Microsoft fixes 24 vulnerabilities
This Patch Tuesday features a solid 11 advisories affecting 6 different product types. All supported versions of Windows, Office, SharePoint, Exchange, Lync and a mixed bag of …
Disqus security flaw used to deanonymize online commenters
A security flaw in the API of popular blog comment hosting service Disqus can be exploited to reveal the email addresses of users, and therefore occasionally even their …
DARPA’s games crowdsource discovery of software flaws
The Defense Advanced Research Projects Agency (DARPA) has developed a series of games aimed at discovering whether large numbers of non-expert users can perform formal …
ENISA issues recommendations on SCADA patching
“How long can we afford having critical infrastructures that use unpatched SCADA systems?” the EU’s cyber security Agency ENISA asks, and advises EU Member …
Rogue apps can remove Android device locks
Security researchers from German IT consultancy Curesec have uncovered the existence of an Android flaw that could allow hackers to remove all existing device locks activated …
D-Link patches critical vulnerability in older routers
D-Link has released firmware patches for a number of its older routers sporting a critical authentication security bypass vulnerability discovered in October. The flaw was …
Lessons learned from Anonymous and Operation Last Resort
Activists that have links to Anonymous were able to gain access to U.S. government computers through a software flaw on the outdated Adobe ColdFusion platform. This left many …
Browser scan unveils an abundance of critical vulnerabilities
Through our Qualys BrowserCheck online tool we have collected data from over 1.4 million user computer scans and their respective browsers. From this research, we have found …
vBulletin.com hacked, hackers trying to sell info on 0-day used
The developers of popular Internet forum software vBulletin have announced late on Friday that their network has been attacked and successfully breached, and that the hackers …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege