vulnerability
Critical macOS High Sierra bug allows easy root access
If you’re using a Mac, and are running macOS High Sierra, drop everything that you’re doing and go and apply this update. Why? What’s happening? Turkish …
PowerDNS patches five security holes in widely used nameserver software
PowerDNS, the company behing the popular open source DNS software of the same name, has pushed out security updates and patches for its Authoritative Server and Recursor …
Intel chips riddled with deadly flaws
As we’re waiting for security researchers to detail the Intel Management Engine vulnerability that can allow attackers to run undetectable, unsigned code on machines …
GitHub starts alerting developers of security vulnerabilities in dependencies
Popular Git repository hosting service GitHub has introduced a new feature to help developers keep their projects safer: security alerts for vulnerabilities in software …
Critical flaw in Cisco collaboration products plugged
A critical vulnerability in a dozen Cisco collaboration products based on the Cisco Voice Operating System (VOS) could allow unauthenticated, remote attackers to gain access …
Critical flaws open Foscam C1 IP cameras to compromise
Cisco Talos researcher Claudio Bozzato has unearthed a dozen of critical vulnerabilities affecting the Foscam C1 series of indoor HD cameras. The Foscam C1 is one of the most …
Tor Browser flaw leaks users’ real IP address
The Tor Project has issued an emergency security bugfix release of Tor Browser, to prevent user IP address leakage due to a still unpatched Firefox bug. The bug is present …
Estonia blocks certificates on 760,000 ID cards due to identity theft risk
On 3 November 2017 at midnight, Estonia will block the certificates of 760,000 ID cards. The decision is the result of the discovery of a security vulnerability in the …
WordPress site admins: Update immediately!
If you’re running your website on WordPress and you haven’t yet upgraded to version 4.8.3, you should do so without delay. The advice comes from the WordPress …
Oracle releases emergency Oracle Identity Manager patch
Oracle has issued an out-of-cycle patch that plugs a critical vulnerability (CVE-2017-10151), affecting Oracle Identity Manager, its widely-used enterprise identity management …
Researchers turn LG’s Hom-Bot vacuum cleaner into a real-time spying device
Check Point researchers have discovered a vulnerability in LG’s smart home infrastructure that could have allowed hackers to take over the legitimate user’s account and, …
Critical flaws in maritime comms system could endanger entire ships
IOActive security consultant Mario Ballano has discovered two critical cybersecurity vulnerabilities affecting Stratos Global’s AmosConnect communication shipboard platform. …