Please turn on your JavaScript for this page to function normally.
Microsoft Azure
Azure AD Connect vulnerability allows attackers to reset admin passwords

A vulnerability in Azure AD Connect could be exploited by attackers to reset passwords and gain unauthorized access to on-premises AD privileged user accounts, Microsoft …

hole
Google researcher uncovers another RCE in Microsoft Malware Protection Engine

Google Project Zero researcher Tavis Ormandy has unearthed yet another critical remote code execution vulnerability affecting the Microsoft Malware Protection Engine, which …

Linux
Stack Clash bug could give root privileges to attackers on Unix, Linux systems

Qualys researchers have unearthed a serious privilege escalation bug affecting a wide variety of Unix and Unix-based operating systems, and has been working with vendors to …

camera
Foscam IP cameras riddled with gaping security holes

F-Secure researchers have discovered a bucketload of serious security vulnerabilities affecting IP cameras made by Chinese manufacturer Foscam. Even though notified months …

Magnify
Websites built by freelance developers are plagued with security failures

Websites developed by “budget” developers, without portfolios or references, tend to be plagued with critical security failures, research has shown. For this project, the …

IoT connection
For timely vulnerability information, unofficial sources are a better bet

From over 12,500 disclosed Common Vulnerabilities and Exposures (CVEs), more than 75% were publicly reported online before they were published to the NIST’s centralized …

gap
Vulnerability affecting 1,000+ apps is exposing terabytes of data

A newly discovered backend data exposure vulnerability, dubbed HospitalGown, highlights the connection between mobile apps and insecure backend databases. Appthority …

Microsoft
8 RCE, DoS holes in Microsoft Malware Protection Engine plugged

After the discovery and the fixing of a “crazy bad” remote code execution flaw in the Microsoft Malware Protection Engine earlier this month, now comes another …

FreeRADIUS
Vulnerability opens FreeRADIUS servers to unauthenticated attackers

A vulnerability in the free, open source FreeRADIUS server could be exploited by remote attackers to bypass authentication via PEAP or TTLS. There is currently no indication …

Android
New class of attacks affects all Android versions

Researchers have demonstrated how a malicious app with two specific permission can stealthily compromise users’ Android devices. “The possible attacks include …

Broken glass
Critical Samba code execution hole plugged, patch ASAP!

The developers of Samba have plugged a critical remote code execution flaw that could allow a malicious client to upload a shared library to a writable share, and then cause …

Samsung Galaxy S8
Samsung Galaxy S8 iris scanner can be fooled with a printed photo

After demonstrating how easily Apple’s Touch ID can be fooled with a user fingerprint photographed from a glass surface, Chaos Computer Club (CCC) hacker …

Don't miss

Cybersecurity news