vulnerability
Microsoft opens fuzz testing service to the wider public
Microsoft Security Risk Detection, a cloud-based fuzz testing service previously known under the name Project Springfield, is now open to all and sundry. Fuzz testing (i.e. …
Hackable smart car wash systems can hurt people
Two years after researchers Billi Rios and Terry McCorkle first flagged serious vulnerabilities in automatic, smart car wash systems by US manufacturer PDQ, the company is …
How to protect the power grid from low-budget cyberattacks
Cyberattacks against power grids and other critical infrastructure systems have long been considered a threat limited to nation-states due to the sophistication and resources …
Security vulnerabilities in radiation monitoring devices
IOActive researcher Ruben Santamarta has uncovered a number of cybersecurity vulnerabilities in widely deployed Radiation Monitoring Devices (RDMs), and has presented his …
Custom code accounts for 93% of application vulnerabilities
Although third-party software libraries represent a majority of an application’s code, they account for less than seven percent of application vulnerabilities. Typically, …
Apple patches critical Broadpwn vulnerability in its various OSes
Apple has released security updates for iOS, macOS (Sierra, El Capitan, and Yosemite), Safari, iCloud, iTunes, watchOS and tvOS. As per usual, the same fixed Webkit flaws …
Hacker grabs $30 million in ether through Parity multisig wallet flaw
Another day, another cryptocurrency heist: this time, the attacker has stolen some $30 million in ether (ETH – value token of the Ethereum blockchain) from a number of …
Exploitable gSOAP flaw exposes thousands of IoT devices to attack
Researchers have unearthed a serious vulnerability in gSOAP, an open source, third-party code library used by thousands of IoT by many different manufacturers. Senrio Labs …
Critical security vulnerabilities enable full control of the Segway miniPRO electric scooter
New IOActive research exposes critical security vulnerabilities found in the Segway miniPRO electric scooter. If exploited, an attacker could bypass safety systems and …
Attackers are taking over NAS devices via SambaCry flaw
A Samba remote code execution flaw patched in May is being exploited to compromise IoT devices running on different architectures (MIPS, ARM, PowerPC, etc.), Trend Micro …
EternalBlue vulnerability scanner statistics reveal there are exposed hosts worldwide
After the recent massive WannaCry ransomware campaign, Elad Erez, Director of Innovation at Imperva, was shocked at the number of systems that still sported the Microsoft …
Why Kodi boxes can pose a serious malware threat
When new streaming devices, such as the Amazon Firestick and Apple TV, were first introduced, many were intrigued by the ease by which they could watch “over the …