Vulnerability in WhatsApp and Telegram allowed complete account takeover
Check Point researchers today revealed a new vulnerability on WhatsApp and Telegram’s online platforms – WhatsApp Web & Telegram Web. By exploiting this vulnerability, …
Microsoft pushes out patches for critical Flash Player vulnerabilities
Microsoft has skipped its February 2017 Patch Tuesday and postponed the release of those patches for March, but there are apparently security vulnerabilities that must be …
Critical Linux bug opens systems to compromise
Researchers from the Polytechnic University of Valencia have discovered a critical flaw that can allow attackers – both local and remote – to obtain root shell on …
Cisco plugs critical hole in Prime Home management platform
Cisco has released nine security alerts on Wednesday, and among these are two for critical vulnerabilities in its ASR 900 Series routers and the Cisco Prime Home management …
Microsoft ends Tuesday patches
Yesterday was a big day for Patch Tuesday. It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches …
Cisco starts publishing fixes for EXTRABACON exploit
Starting last Wednesday, Cisco has begun publishing fixes for the SNMP RCE flaw in the software of its Adaptive Security Appliances (ASA), which can be triggered through the …
Bug in Chrome’s PDF reader allows arbitrary code execution
Vulnerabilities in software often arise from faulty implementations of elements developed by other code writers. Take for example CVE-2016-1681, the heap-based buffer overflow …
Researchers release PoC exploit for broken IBM Java patch
Polish firm Security Explorations has had enough of broken patches for security vulnerabilities it has reported to vendors. On Monday, the company’s CEO Adam Gowdiak has …
Critical gaps in IT departments’ approach to enterprise security
A new study by conducted by Ultimate Windows Security, released at RSA Conference, provides visibility into the uses, concerns and challenges that IT departments face in …
Year-old critical Magento flaw still exploited, payment info stolen
A whole year has passed since a critical e-shop hijacking flaw in the Magento CMS has been patched, but the vulnerability is still being exploited in attacks in the wild, …
Critical RCE bug in FireEye’s security appliances exploitable via email
Last week, FireEye has silently pushed out a patch for an extremely easy-to-exploit remote code execution bug affecting its NX, EX, FX and AX Series security appliances in …
Critical Joomla RCE bug actively exploited, patch immediately!
An eight-year-old Joomla critical remote code execution vulnerability, which is being actively exploited in attacks in the wild, has been patched by the developers of the …