Please turn on your JavaScript for this page to function normally.
Apache server bug allows remote code execution

The existence of a “moderately critical” Apache HTTP Server vulnerability whose exploitation could allow attackers to compromise the system and execute arbitrary …

Google defines disclosure timeline for actively exploited bugs

The debate regarding responsible vulnerability disclosure and full vulnerability disclosure has been started many times in the past, and it’s an issue that will continue …

Ruby on Rails bug is being exploited in the wild, researcher warns

Administrators of servers running Ruby on Rails are advised once again to upgrade to the latest versions of the framework (3.2.11, 3.1.10, 3.0.19, and 2.3.15), as a …

Google researcher reveals another Windows 0-day

Tavis Ormandy – the Google researcher known for discovering a slew of Windows, Java and Flash Player vulnerabilities and zero-days and his combative attitude regarding …

DHS employees’ info possibly compromised due to system flaw

U.S. Department of Homeland Security employees have begun receiving notifications about a vulnerability that has inadvertently made their personal information potentially …

A spotlight on grid insecurity

Drawing from responses from more than 100 utilities across America, a new report shows that the nation’s electric grid remains highly vulnerable to attacks from Iran and …

Experts highlight top data breach vulnerabilities

Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker. …

Free tool repairs critical Windows configuration vulnerabilities

Tripwire announced SecureCheq, a free configuration utility that helps evaluate and repair the most common, critical configuration vulnerabilities in Windows desktops and …

A look into the EC Council hack

Update: Wednesday, 22 May 2013 – Tal Be’ery: “We had analyzed a screenshot of what we had thought at the time the current EC council site hack. Later we had …

IE8 0-day used in watering hole attacks

Last week a U.S. Department of Labor website was discovered to be redirecting users to sites serving a hard-to-detect variant Poison Ivy backdoor Trojan. Researchers are now …

Top Android AV software fooled by common evasion techniques

A team of researchers from Northwestern University and North Carolina State University have tested ten of the most popular Android anti-virus software and have discovered that …

IT security risks of features in connected cars

In an effort to provide new conveniences as well as meet physical security standards, many new consumer vehicles are offering more complex features. Click the image to view …

Don't miss

Cybersecurity news