vulnerability
Adobe fixes Flash 0-day
Adobe released their second out-of-band update for Adobe Flash this month. APSB14-07 fixes three vulnerabilities in Adobe Flash, including CVE-2014-0502 which is being used in …
Microsoft issues Fix it for critical IE 0-day exploited in attacks
Microsoft has finally issued a security advisory addressing the IE zero-day that has been recently actively exploited in attacks in the wild, and has followed with a Fix it …
Major vulnerability in Tinder dating app allowed user tracking
Include Security unveiled new research showing that users of the popular online dating app Tinder were at significant risk due to a vulnerability they discovered in the …
70% Android devices vulnerable to released remote access exploit
The recent release of a Metasploit module that allows attackers to remotely access (“get shell”) on most Android-running devices has again raised a very good …
Half a million Belkin WeMo users are wide open to attackers
IOActive has uncovered multiple vulnerabilities in Belkin WeMo Home Automation devices that could affect over half a million users. Belkin’s WeMo uses Wi-Fi and the …
IE 0-day used in watering hole attack tied to previous campaigns
An Internet Explorer zero-day vulnerability (CVE-2014-0322) is actively exploited in the wild in a watering-hole attack targeting visitors to the official website of the U.S. …
Security vulnerability in the Duo WordPress two-factor authentication plugin
During an internal assessment, Duo Security found a vulnerability in their popular WordPress two-factor authentication plugin that completely bypasses the security measures …
Absolute Computrace anti-theft software can be remotely hijacked
Kaspersky Lab’s security research team published a report confirming and demonstrating that the weak implementation of anti-theft software marketed by Absolute Software …
Older Flash Player vulnerability exploited in the wild
Microsoft researchers have also recently discovered several attacks in the wild exploiting another Flash Player vulnerability (CVE-2013-5330) on Windows, Linux and OS X. This …
Facebook bug prevents revocation of app permissions
Developers working for privacy software vendor MyPermissions claim to have discovered a critical vulnerability in Facebook’s code. The flaw can be exploited to make it …
Microsoft to keep next Patch Tuesday light
Microsoft continues the trend they started last month of keeping patch Tuesday relatively light. There are only five advisories this month – two critical, three …
Adobe Flash flaw exploited in the wild, update now
Adobe has released an emergency patch for a critical vulnerability affecting Flash Player for Windows, Linux and OS X, the exploitation of which can result in an attacker …