vulnerability
Widely used DNS forwarder and DHCP server Dnsmasq riddled with flaws
Google researchers have discovered seven serious vulnerabilities in Dnsmasq, a lightweight, widely used DNS forwarder and DHCP server for small computer networks. Dnsmasq is …
Is your Mac software secure but firmware vulnerable?
Mac users who have updated to the latest OS version or have downloaded and implemented the most recent security update may not be as secure as they originally thought, Duo …
Spoofed IRS notice delivers RAT through link updating trick
The malware delivery trick involving updating links in Word documents is apparently gaining some traction: the latest campaign to use it likely takes the form of fake emails …
Optionsbleed bug makes Apache HTTP Server leak data from memory
On Monday, security researcher Hanno Böck detailed a memory-leaking vulnerability in Apache HTTP Server that’s similar to the infamous OpenSSL Heartbleed bug uncovered …
Equifax breach happened because of a missed patch
The attackers who breached Equifax managed to do so by exploiting a vulnerability in its US website, the company has finally confirmed. The vulnerability – CVE-2017-5638 …
Patch Tuesday: 80+ vulnerabilities fixed, one exploited in the wild
As part of its regular, monthly Patch Tuesday update, Microsoft has released patches for 81 new vulnerabilities, including a zero-day in the .NET Framework. The September …
Billions of Bluetooth-enabled devices vulnerable to new airborne attacks
Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute …
Equifax attackers got in through an Apache Struts flaw?
Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to …
Patch your Android device to foil Toast Overlay attacks
Overlay attacks are nothing new for Android users, and Palo Alto Networks Unit 42 researchers have found yet another way for attackers to perpetrate them. An “overlay attack” …
Syringe infusion pumps can be fiddled with by remote attackers
A syringe infusion pump used in acute care settings sports eight vulnerabilities, some of which could be exploited by remote attackers to impact the intended operation of the …
Equifax breach: Sensitive info, SSNs of 44% of U.S. consumers accessed by attackers
Equifax, one of the three largest American credit agencies, has announced that it has suffered a “cybersecurity incident” affecting some 143 million U.S. …
Security flaw affects 750,000 Estonian ID cards
An international group of cryptographers has flagged a serious security vulnerability in the chip embedded in Estonian ID cards, the country’s Information System …