vulnerability
Questioning Google’s disclosure timeline motivations
The presence of 0-day vulnerability exploitation is often a real and considerable threat to the Internet – particularly when very popular consumer-level software is the …
Apache server bug allows remote code execution
The existence of a “moderately critical” Apache HTTP Server vulnerability whose exploitation could allow attackers to compromise the system and execute arbitrary …
Google defines disclosure timeline for actively exploited bugs
The debate regarding responsible vulnerability disclosure and full vulnerability disclosure has been started many times in the past, and it’s an issue that will continue …
Ruby on Rails bug is being exploited in the wild, researcher warns
Administrators of servers running Ruby on Rails are advised once again to upgrade to the latest versions of the framework (3.2.11, 3.1.10, 3.0.19, and 2.3.15), as a …
Google researcher reveals another Windows 0-day
Tavis Ormandy – the Google researcher known for discovering a slew of Windows, Java and Flash Player vulnerabilities and zero-days and his combative attitude regarding …
DHS employees’ info possibly compromised due to system flaw
U.S. Department of Homeland Security employees have begun receiving notifications about a vulnerability that has inadvertently made their personal information potentially …
A spotlight on grid insecurity
Drawing from responses from more than 100 utilities across America, a new report shows that the nation’s electric grid remains highly vulnerable to attacks from Iran and …
Experts highlight top data breach vulnerabilities
Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker. …
Free tool repairs critical Windows configuration vulnerabilities
Tripwire announced SecureCheq, a free configuration utility that helps evaluate and repair the most common, critical configuration vulnerabilities in Windows desktops and …
A look into the EC Council hack
Update: Wednesday, 22 May 2013 – Tal Be’ery: “We had analyzed a screenshot of what we had thought at the time the current EC council site hack. Later we had …
IE8 0-day used in watering hole attacks
Last week a U.S. Department of Labor website was discovered to be redirecting users to sites serving a hard-to-detect variant Poison Ivy backdoor Trojan. Researchers are now …
Top Android AV software fooled by common evasion techniques
A team of researchers from Northwestern University and North Carolina State University have tested ten of the most popular Android anti-virus software and have discovered that …
Featured news
Sponsored
Don't miss
- LastPass users targeted by vishing attackers
- Protobom: Open-source software supply chain tool
- The key pillars of domain security
- Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)
- Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate