vulnerability
XSS flaw in D-Link NAS devices allows attackers to mess with your data
Security researcher Benjamin Daniel Mussler has unearthed an XSS flaw affecting seven D-Link NAS devices – a flaw which could allow attackers to access the devices and …
Apple plugs three actively exploited iOS zero-days
Owners of Apple’s mobile devices are advised to upgrade to iOS version 9.3.5 as soon as possible, as it fixes three zero-day vulnerabilities actively exploited in the …
Mail.ru, Funcom gaming forums hacked, user databases stolen
Vulnerabilities in older versions of the popular vBulletin Internet forum software are being exploited left and right, and data of millions of forum users is being pilfered …
Hackers can easily take over cellphone towers, researchers found
Zimperium researchers have unearthed three critical vulnerabilities in widely used software running on base transceiver stations (BTS), i.e. the equipment that makes cellphone …
18-year-old random number generator flaw fixed in Libgcrypt, GnuPG
Researchers have discovered a “critical security problem” that affects all versions of the Libgcrypt cryptographic library and, therefore, all versions of the …
Sn1per: Automated pentest recon scanner
Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. “I originally created Sn1per because I didn’t want …
Bug in Rockwell’s PLCs allows attackers to modify firmware
There is an undocumented SNMP community string in Rockwell Automation’s MicroLogix 1400 programmable logic controllers that can be exploited by attackers to remotely …
Proxy authentication flaw can be exploited to crack HTTPS protection
Mistakes made in the implementation of proxy authentication in a variety of operating systems and applications have resulted in security vulnerabilities that allow MitM …
Attackers can hijack unencrypted web traffic of 80% of Android users
The recently revealed security bug (CVE-2016-5696) in the TCP implementation in the Linux kernel that could allow attackers to hijack unencrypted web traffic without an MitM …
Dota 2 Dev forum breached, nearly 2 million users affected
A hacker has breached the official Dota 2 Dev forum and made off with the entire forum database, which contains email addresses, usernames, IP addresses, and salted password …
New vulnerabilities affect over 900 million Android devices, enable complete control of devices
Check Point researchers have announced four new vulnerabilities that affect over 900 million Android smartphones and tablets at DEF CON in Las Vegas. QuadRooter is a set of …
Why VoIP security is crucial for organizations
With more organizations turning to VoIP (Voice over Internet Protocol) and cloud-based Unified Communications (UC) systems to underpin their commercial services and corporate …