vulnerability
Cisco Prime Home flaw allows hackers to reach into people’s homes
Cisco has patched a critical authentication bypass vulnerability that could allow attackers to completely take over Cisco Prime Home installations, and through them mess with …
WordPress kept users and hackers in the dark while secretly fixing critical zero-day
Last week WordPress released the newest version (4.7.2) of the popular CMS, ostensibly fixing three security issues affecting versions 4.7.1 and earlier. What the WordPress …
Can your Netgear router be hijacked? Check now!
Yesterday, researcher Simon Kenin of Trustwave SpiderLabs released information about an authentication bypass flaw affecting a wide variety of Netgear routers, as well as PoC …
The latest on the critical RCE Cisco WebEx extension vulnerability
Since Google bug hunter Tavis Ormandy revealed the existence of a remotely exploitable code execution flaw in the Cisco WebEx extension for Google Chrome last week, Cisco has …
Remote attackers can force Samsung Galaxy devices into never-ending reboot loop
A single SMS can force Samsung Galaxy devices into a crash and reboot loop, and leave the owner with no other option than to reset it to factory settings and lose all data …
Cisco WebEx extension opens Chrome users to drive-by malware attacks
Windows users who have the widely used Cisco WebEx extension installed on Chrome are in danger of getting silently hacked when visiting a malicious website. The vulnerability, …
Advancing a standard format for vendors to disclose cybersecurity vulnerabilities
Technology providers and their customers are joining forces to advance a standard format for vendors to disclose cybersecurity vulnerabilities. The work of the new OASIS …
Massive Oracle Critical Patch Update fixes 270 vulnerabilities
Oracle has released the first Critical Patch Update scheduled for 2017, and it’s massive. It fixes 270 vulnerabilities across multiple products, and over 100 of them are …
Samsung SmartCam can be easily hijacked
At least one type of Samsung SmartCam cameras can be taken over by remote attackers who just need to know the vulnerable camera’s IP address. The remote code execution …
FDA urges patients to implement patch to secure their cardiac implants
Patients who have been implanted with pacemakers and defibrillators manufactured by US-based St. Jude Medical are urged to make sure that their Merlin@home Transmitter unit is …
Addressing the challenges of vulnerability coordination
The FIRST Vulnerability Coordination Special Interest Group (SIG) made available for public comment through January 31, 2017 the draft Guidelines and Practices for Multi-party …
Nagios Core 4.2.4 closes serious root privilege escalation bug
If you’re using Nagios Core to monitor your systems, networks and infrastructure, and you have not updated to version 4.2.4, you better hop to it. This latest release …