vulnerability
![smartthings hub](https://img.helpnetsecurity.com/wp-content/uploads/2016/05/09112834/smartthings-hub-400x200.jpg)
Samsung’s smart home platform flaws let attackers fiddle with your doors
Researchers have managed to exploit design flaws in the Samsung SmartThings smart home programming platform and successfully mount a series of attacks that could result in …
![Facebook](https://img.helpnetsecurity.com/wp-content/uploads/2015/12/09195531/facebook-wide-400x200.jpg)
Facebook vulnerability allowed access to personal and payment information
Bitdefender has discovered a significant vulnerability within Facebook which allowed access to any user account through simple social login manipulation. The attacker was able …
![fix](https://img.helpnetsecurity.com/wp-content/uploads/2019/10/09092943/aid2-400x200.jpg)
Shopware update fixes RCE bug that affects both shop and target system
Shopware, an open-source e-commerce software chosen by a number of big European companies to power their online shops, has recently pushed out a critical security update. The …
![HP](https://img.helpnetsecurity.com/wp-content/uploads/2016/02/09194736/hp-400x200.jpg)
Critical flaws in HP Data Protector open servers to remote attacks
Hewlett Packard has released critical security updates for its HP Data Protector software, which fix vulnerabilities that could allow remote code execution or unauthorized …
![Nexus](https://img.helpnetsecurity.com/wp-content/uploads/2016/04/09113041/nexus-400x200.jpg)
Flaw allows eavesdropping and tracking of mobile phone users
German hacker Karsten Nohl has demonstrated to the crew of CBS News’ 60 Minutes program how easy it can be for well-resourced attackers to eavesdrop on the phone calls …
![fire](https://img.helpnetsecurity.com/wp-content/uploads/2016/04/09113053/fire3-400x200.jpg)
VMware plugs critical information-leaking hole
VMware has plugged a critical security issue in the VMware Client Integration Plugin, which could allow for a Man in the Middle attack or web session hijacking in case the …
![end of support](https://img.helpnetsecurity.com/wp-content/uploads/2016/04/09113056/end-of-support-400x200.jpg)
Uninstall QuickTime for Windows today!
The time has come to deinstall QuickTime from your Windows machine. Trend Micro’s Zero Day Initiative has just released advisories (ZDI-16-241 and ZDI-16-242) detailing …
![servers](https://img.helpnetsecurity.com/wp-content/uploads/2016/04/09113122/servers-400x200.jpg)
Cisco UCS servers can be hijacked with malicious HTTP request
A data center server platform running Cisco’s Unified Computing System (UCS) Central Software can be compromised by unauthenticated, remote attackers with a single, …
![samsung galaxy lock bypass](https://img.helpnetsecurity.com/wp-content/uploads/2016/04/09113114/samsung-lock-bypass-400x200.jpg)
Samsung Galaxy devices can be made to make calls, send messages while locked
Half a dozen (and possibly even more) Samsung Galaxy phones can be made to place phone calls or send text messages even when they are locked, thanks to exposed USB modems. …
![Microsoft](https://img.helpnetsecurity.com/wp-content/uploads/2016/04/09113125/microsoft-400x200.jpg)
Microsoft patches Badlock, but doesn’t call it critical
Microsoft just released several security bulletins, with six marked as critical and seven categorized as important. The biggest surprise (or disguise) came in the patch marked …
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2016/03/09113415/apple-1-400x200.jpg)
Bug in OS X Messages client exposes messages, attachments
When in March Apple pushed out security updates for its many products, much attention has been given to a zero-day bug discovered by a team of Johns Hopkins University …
![fire](https://img.helpnetsecurity.com/wp-content/uploads/2016/03/09113510/fire-400x200.jpg)
Google’s poor design decision undermines 2FA protection
A design decision by Google can be exploited by attackers to gain control of both devices needed to access users’ accounts protected via SMS-based 2-factor …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?