vulnerability
![dollar](https://img.helpnetsecurity.com/wp-content/uploads/2016/05/09112427/dollar-400x200.jpg)
How to steal money from Instagram, Google and Microsoft
Some account options deployed by Instagram, Google and Microsoft can be misused to steal money from the companies by making them place phone calls to premium rate numbers, …
![Joomla!](https://img.helpnetsecurity.com/wp-content/uploads/2016/07/09111459/joomla-400x200.jpg)
Compromised Joomla sites are foisting ransomware on visitors
Administrators of WP and Joomla sites would do well to check for specific fake analytics code injected into their properties, as a ransomware delivery campaign taking …
![bug](https://img.helpnetsecurity.com/wp-content/uploads/2016/06/09112038/bug-400x200.jpg)
Microsoft splats bug that turns printers into drive-by exploit kits
In this month’s Patch Tuesday, Microsoft has released 11 sets of patches – 6 “critical” and 5 “important.” The good news is that none of …
![BMW ConnectedDrive](https://img.helpnetsecurity.com/wp-content/uploads/2016/06/09111615/bmw-connected-400x200.jpg)
BMW ConnectedDrive flaws could be misused to tamper with car settings
Security researcher Benjamin Kunz Mejri has found two vulnerabilities in the BMW ConnectedDrive web portal/web application. About the vulnerabilities in BMW ConnectedDrive The …
![Bug](https://img.helpnetsecurity.com/wp-content/uploads/2015/12/09195653/software-762486_1280-400x200.jpg)
Unsung cybersecurity vulnerabilities in US infrastructure and utilities
This past May, the Internet was abuzz about a report by the Government Accountability Office (GAO) highlighting a number of outdated “legacy systems” still in use …
![Android Marshmallow](https://img.helpnetsecurity.com/wp-content/uploads/2016/06/09111624/android-marshmallow-400x200.jpg)
Google fixes 108 bugs in July Android security update
Google has released an unusually hefty Android Security Bulletin for July. In fact, so many vulnerabilities have been fixed – 108 in all – that the patches come in …
![explode](https://img.helpnetsecurity.com/wp-content/uploads/2016/03/09113434/explode-400x200.jpg)
Exploit for GNU wget RCE flaw revealed
Technical details about a serious vulnerability affecting all but the latest version of the GNU wget software have been released online, along with PoC exploit scenarios. …
![TPLINK admin](https://img.helpnetsecurity.com/wp-content/uploads/2016/07/09111643/tplink-admin-400x200.jpg)
TP-LINK loses control of two device configuration domains
Security researcher Amitay Dan warns that tplinklogin.net, a domain through which TP-LINK router owners can configure their devices, is no longer owned by the company, and …
![LibreOffice](https://img.helpnetsecurity.com/wp-content/uploads/2016/06/09111701/libreoffice-400x200.jpg)
Easily exploitable LibreOffice flaw is a godsend for hackers
A serious LibreOffice flaw can be easily exploited by attackers to deliver malware on computers running a vulnerable version of the popular free and open source office suite. …
![Symantec](https://img.helpnetsecurity.com/wp-content/uploads/2016/05/09112435/symantec-400x200.jpg)
Symantec, Norton AV products are riddled with serious flaws
Google security researcher Tavis Ormandy has unearthed a slew of critical vulnerabilities, including many remote code execution flaws, in Symantec and Norton enterprise and …
![uber bugs](https://img.helpnetsecurity.com/wp-content/uploads/2016/06/09111743/uber-bugs-400x200.jpg)
14 bugs in Uber’s assets revealed sensitive info about drivers, riders
Researchers from consulting and technological audit outfit Integrity have discovered 14 bugs in a variety of Uber’s websites and mobile apps, most of which could reveal …
![Google Chrome](https://img.helpnetsecurity.com/wp-content/uploads/2016/05/09112836/google-chrome-400x200.jpg)
Chrome vulnerability lets attackers steal movies from streaming services
A significant security vulnerability in Google technology that is supposed to protect videos streamed via Google Chrome has been discovered by researchers from the Ben-Gurion …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?