vulnerability
Intel chips riddled with deadly flaws
As we’re waiting for security researchers to detail the Intel Management Engine vulnerability that can allow attackers to run undetectable, unsigned code on machines …
GitHub starts alerting developers of security vulnerabilities in dependencies
Popular Git repository hosting service GitHub has introduced a new feature to help developers keep their projects safer: security alerts for vulnerabilities in software …
Critical flaw in Cisco collaboration products plugged
A critical vulnerability in a dozen Cisco collaboration products based on the Cisco Voice Operating System (VOS) could allow unauthenticated, remote attackers to gain access …
Critical flaws open Foscam C1 IP cameras to compromise
Cisco Talos researcher Claudio Bozzato has unearthed a dozen of critical vulnerabilities affecting the Foscam C1 series of indoor HD cameras. The Foscam C1 is one of the most …
Tor Browser flaw leaks users’ real IP address
The Tor Project has issued an emergency security bugfix release of Tor Browser, to prevent user IP address leakage due to a still unpatched Firefox bug. The bug is present …
Estonia blocks certificates on 760,000 ID cards due to identity theft risk
On 3 November 2017 at midnight, Estonia will block the certificates of 760,000 ID cards. The decision is the result of the discovery of a security vulnerability in the …
WordPress site admins: Update immediately!
If you’re running your website on WordPress and you haven’t yet upgraded to version 4.8.3, you should do so without delay. The advice comes from the WordPress …
Oracle releases emergency Oracle Identity Manager patch
Oracle has issued an out-of-cycle patch that plugs a critical vulnerability (CVE-2017-10151), affecting Oracle Identity Manager, its widely-used enterprise identity management …
Researchers turn LG’s Hom-Bot vacuum cleaner into a real-time spying device
Check Point researchers have discovered a vulnerability in LG’s smart home infrastructure that could have allowed hackers to take over the legitimate user’s account and, …
Critical flaws in maritime comms system could endanger entire ships
IOActive security consultant Mario Ballano has discovered two critical cybersecurity vulnerabilities affecting Stratos Global’s AmosConnect communication shipboard platform. …
Cisco plugs WPA2 holes, critical Cloud Services Platform flaw
Cisco has released updates to address vulnerabilities in a wide variety of its products. Among these are updates fixing the WPA2 vulnerabilities that can be exploited in the …
Vulnerability in code library allows attackers to work out private RSA keys
Researchers have discovered a security vulnerability in the Infineon-developed RSA library, which could be exploited by attackers to discover the RSA private key corresponding …