vulnerability
Apache server bug allows remote code execution
The existence of a “moderately critical” Apache HTTP Server vulnerability whose exploitation could allow attackers to compromise the system and execute arbitrary …
Google defines disclosure timeline for actively exploited bugs
The debate regarding responsible vulnerability disclosure and full vulnerability disclosure has been started many times in the past, and it’s an issue that will continue …
Ruby on Rails bug is being exploited in the wild, researcher warns
Administrators of servers running Ruby on Rails are advised once again to upgrade to the latest versions of the framework (3.2.11, 3.1.10, 3.0.19, and 2.3.15), as a …
Google researcher reveals another Windows 0-day
Tavis Ormandy – the Google researcher known for discovering a slew of Windows, Java and Flash Player vulnerabilities and zero-days and his combative attitude regarding …
DHS employees’ info possibly compromised due to system flaw
U.S. Department of Homeland Security employees have begun receiving notifications about a vulnerability that has inadvertently made their personal information potentially …
A spotlight on grid insecurity
Drawing from responses from more than 100 utilities across America, a new report shows that the nation’s electric grid remains highly vulnerable to attacks from Iran and …
Experts highlight top data breach vulnerabilities
Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker. …
Free tool repairs critical Windows configuration vulnerabilities
Tripwire announced SecureCheq, a free configuration utility that helps evaluate and repair the most common, critical configuration vulnerabilities in Windows desktops and …
A look into the EC Council hack
Update: Wednesday, 22 May 2013 – Tal Be’ery: “We had analyzed a screenshot of what we had thought at the time the current EC council site hack. Later we had …
IE8 0-day used in watering hole attacks
Last week a U.S. Department of Labor website was discovered to be redirecting users to sites serving a hard-to-detect variant Poison Ivy backdoor Trojan. Researchers are now …
Top Android AV software fooled by common evasion techniques
A team of researchers from Northwestern University and North Carolina State University have tested ten of the most popular Android anti-virus software and have discovered that …
IT security risks of features in connected cars
In an effort to provide new conveniences as well as meet physical security standards, many new consumer vehicles are offering more complex features. Click the image to view …
Featured news
Resources
Don't miss
- Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)
- Where policy meets profit: Navigating the new frontier of defense tech startups
- Four arrested in connection with M&S, Co-op ransomware attacks
- Ruckus network management solutions riddled with unpatched vulnerabilities
- What EU’s PQC roadmap means on the ground