vulnerability
Disqus WordPress plugin vulnerabilities
During a penetration testing for a client, Australian based independent security consultant Nik Cubrilovic, discovered a couple of security issues within the very popular …
15 new bugs exploited at DEF CON router hacking contest
Security researchers taking part of the SOHOpelessly Broken hacking competition at this year’s edition of DEF CON have demonstrated 15 flaws affecting a number of small …
Data breaches and high-risk vulnerabilities continue to dominate
Cyber threats, data breaches and high-risk vulnerabilities have continued to dominate the first half of 2014. The severity of these attacks intensified against financial and …
Square launches bug bounty program
Popular California-based financial services and mobile payments company Square has set up a bug bounty program on the HackerOne platform. The announcement was made at a panel …
Blackphone rooted at DEF CON?
Blackphone, the recently released security-oriented smartphone, has apparently been rooted. The feat was executed at the DEF CON hacker conference, where Jon Sawyer …
US switch to chip-and-PIN cards not a panacea for fraud
The massive breach that Target suffered late last year was the proverbial straw that broke the camel’s back and made the company decide to move to chip-and-PIN card …
Critical 0-days found in CPE WAN Management Protocol
Check Point has released its findings of security concerns in CPE WAN Management Protocol (CWMP/TR-069) deployments, used by major ISPs globally to control business and …
Serious flaws in cell phone carrier control software found
At the Black Hat conference this week, two Accuvant researchers have disclosed serious security flaws in the carrier control software used in over 2 billion cellular devices …
Critical bug in WordPress plugin allows site hijacking
A popular WordPress plugin that allows site owners to easily customize the contact form has a critical vulnerability that can be exploited to download and remotely modify the …
Prioritizing vulnerabilities to close gaps where it matters
Core Security announced the latest version of the Core Attack Intelligence Platform, which consolidates, prioritizes and validates the overwhelming quantity of vulnerabilities …
DDoS attack volumes plummet as NTP servers got patched
Wise to attackers’ exploitation of the Network Time Protocol (NTP) vulnerability to create distributed reflection denial of service (DrDoS) attacks, information security …
The weak links in an increasingly dynamic threat landscape
The Cisco 2014 Midyear Security Report, released today at Black Hat, examines the “weak links” in organizations – outdated software, bad code, abandoned …
Featured news
Resources
Don't miss
- Product showcase: iStorage diskAshur PRO3
- As AI tools take hold in cybersecurity, entry-level jobs could shrink
- Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)
- How to land your first job in cybersecurity
- World Health Organization CISO on securing global health emergencies