vulnerability
Equifax attackers got in through an Apache Struts flaw?
Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to …
Patch your Android device to foil Toast Overlay attacks
Overlay attacks are nothing new for Android users, and Palo Alto Networks Unit 42 researchers have found yet another way for attackers to perpetrate them. An “overlay attack” …
Syringe infusion pumps can be fiddled with by remote attackers
A syringe infusion pump used in acute care settings sports eight vulnerabilities, some of which could be exploited by remote attackers to impact the intended operation of the …
Equifax breach: Sensitive info, SSNs of 44% of U.S. consumers accessed by attackers
Equifax, one of the three largest American credit agencies, has announced that it has suffered a “cybersecurity incident” affecting some 143 million U.S. …
Security flaw affects 750,000 Estonian ID cards
An international group of cryptographers has flagged a serious security vulnerability in the chip embedded in Estonian ID cards, the country’s Information System …
Easily exploitable Apache Struts vulnerability opens businesses to attack
A critical vulnerability in Apache Struts, a popular open source framework for developing web applications, opens any server running an app built using it to remote attackers. …
Hackers stole contact info of 6 million Instagram users and are selling it online
Last week, Instagram pushed out a patch for a bug in the service’s API that allowed attackers to discover users’ email address and/or phone number. Facebook-owned …
Advantech fixes serious vulns in WebAccess HMI/SCADA software
Advantech has plugged nine security holes in WebAccess and has urged users to upgrade the software as soon as possible. Advantech WebAccess is a web browser-based software …
Cisco unveils LabVIEW code execution flaw that won’t be patched
LabVIEW, the widely used system design and development platform developed by National Instruments, sports a memory corruption vulnerability that could lead to code execution. …
Researchers figured out how to disable the Intel ME controller on Intel chipsets
Researchers have discovered that Intel Management Engine (Intel ME) 11, a dedicated (and non-optional) microcontroller integrated into all Intel chipsets, can be disabled …
Hacked robots can be a deadly insider threat
IOActive researchers have probed the security of a number of humanoid home and business robots as well industrial collaborative robots, and have found it seriously wanting. A …
Two Foxit Reader RCE zero-day vulnerabilities disclosed
Trend Micro’s Zero Day Initiative has released details about two remote code execution zero-day flaws affecting popular freemium PDF tool Foxit Reader. The first one …