vulnerability
Twitter paid out $322,420 in bug bounties
Researchers have proven that bug bounties are a cheaper way for discovering vulnerabilities than hiring full-time bug hunters would be and, in the last few years, many …
Check Point finds dangerous vulnerabilities in LG mobile devices
Check Point found two vulnerabilities which can be used to elevate privileges on LG mobile devices to attack them remotely. These vulnerabilities are unique to LG devices, …
ICS-CERT warns about vulnerable SCADA system that can’t be updated
A web-based SCADA system deployed mainly in the US energy sector sports vulnerabilities that may allow attackers to perform configuration changes and administrative operations …
Faulty TLS implementation opens VISA sites, users to attack
A group of researchers has discovered 184 HTTPS servers that are wide open to attackers looking to inject seemingly valid content into encrypted sessions. Some of these …
WPAD name collision bug opens door for MitM attackers
A vulnerability in Web Proxy Auto-Discovery (WPAD), a protocol used to ensure all systems in an organization utilize the same web proxy configuration, can be exploited to …
Almost all Android users vulnerable to Accessibility Clickjacking attacks
Symantec researchers recently posited that Android banking malware with screen overlay capabilities might soon start tricking users into turning on Android’s Accessibility …
Bug in Symantec’s anti-virus engine can lead to system compromise
Google Project Zero researcher Tavis Ormandy has unearthed a critical remote code execution vulnerability in the anti-virus engine powering Symantec’s endpoint security …
Latest Flash 0day exploit delivered via booby-trapped Office file
Four days have passed since Adobe patched the latest Flash Player 0day vulnerability exploited in attacks in the wild and, in the meantime, we have been given more details …
Mozilla fights in court to get info about potential Firefox flaw
Mozilla has asked a Washington State District Court to compel FBI investigators to provide details about a vulnerability in the Tor Browser with them before they share it with …
SAP vulnerability exploited to compromise enterprises worldwide
A SAP vulnerability, patched over five years ago, is being leveraged to exploit SAP systems of many large-scale global enterprises, US-CERT warns. At least 36 organizations in …
Internet of Fail: How modern devices expose our lives
Should you sync your family’s calendar to your refrigerator or have it display photos? Samsung believes you should. They also think you need cameras that display the …
Web servers and sites under attack via ImageMagick zero-day flaw
A zero-day remote code execution flaw has been found in ImageMagick, an image processing library that allows image uploads from untrusted users (site visitors) and is widely …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?