vulnerability
![Java](https://img.helpnetsecurity.com/wp-content/uploads/2016/02/09194448/java-400x200.png)
Emergency Java update plugs system compromise hole
Oracle has issued an emergency security update for Java to plug a critical flaw (CVE-2016-0636) that could be exploited by luring users to visit a web page hosting the …
![CCTV](https://img.helpnetsecurity.com/wp-content/uploads/2016/03/09113412/CCTV-400x200.jpg)
RCE flaw affects DVRs sold by over 70 different vendors
RSA security researcher Rotem Kerner has discovered a remote code execution vulnerability that affects digital video recorders (DVRs) sold by more than 70 different vendors …
![Head](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09195332/head-400x200.jpg)
MITRE offers temporary solution to the CVE assignment problem
MITRE’s short-term solution to the problem of slow CVE assignment is to set up an experimental system for issuing federated CVE IDs using a new format. “(…) …
![Apple iOS 9](https://img.helpnetsecurity.com/wp-content/uploads/2016/03/09113526/apple-ios9-400x200.jpg)
AceDeceiver iOS malware exploits Apple design flaw to infect non-jailbroken devices
Malware developers have found another hole in Apple’s iOS defenses, and this one, according to Palo Alto researchers, will be difficult to plug. The newly discovered …
![Android Marshmallow](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09194956/android-marshmallow-400x200.jpg)
Hotel replaces light switches with insecure Android tablets
Here’s another documented instance for the “insecure Internet of Things” annals, courtesy of CoreOS security developer Matthew Garrett. Garrett, who’s …
![point](https://img.helpnetsecurity.com/wp-content/uploads/2016/02/09194338/point-400x200.jpg)
Bug in surveillance app opens Netgear NAS systems to compromise
A security vulnerability in the ReadyNAS Surveillance Application can be exploited by unauthenticated, remote attackers to gain root access to Netgear NAS systems, Sysdream …
![Library](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09195203/library-400x200.jpg)
Infosec pros point at problem with CVE system, offer alternative
For the last 17 years, the American not-for-profit MITRE Corporation has been editing and maintaining the list of Common Vulnerabilities and Exposures (CVEs). Researchers who …
![Bug](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09195248/bug-400x200.jpg)
Critical bug in libotr could open users of ChatSecure, Adium, Pidgin to compromise
A vulnerability in “libotr,” the C code implementation of the Off-the-Record (OTR) protocol that is used in many secure instant messengers such as ChatSecure, …
![Android](https://img.helpnetsecurity.com/wp-content/uploads/2015/12/09195534/android-large-400x200.png)
Google plugs 19 holes in newest Android security update
In the March 2016 security update for the Android Open Source Project (AOSP), Google has fixed 19 security issues, seven of which are considered to be critical. Among these, …
![mobile fingerprint hack](https://img.helpnetsecurity.com/wp-content/uploads/2016/03/09113722/mobile-fingerprint-hack-400x200.png)
Hack a mobile phone’s fingerprint sensor in 15 minutes
Two researchers from Michigan State University’s biometrics group have devised a method for hacking a mobile phone’s fingerprint authentication by using just a color …
![](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09195446/cisco-400x200.jpg)
Cisco removes weak default static credentials from its switches
Cisco has released on Wednesday a bucketload of software updates for a wide variety of its products, fixing vulnerabilities of different types and severity. But one is deemed …
![digital pentagon](https://img.helpnetsecurity.com/wp-content/uploads/2016/03/09113842/twitter-pentagon-400x200.jpg)
Hack the Pentagon: Hackers asked to help secure public-facing systems
The US Department of Defense (DoD) has invited hackers to participate in “Hack the Pentagon”, a program aimed at finding vulnerabilities in some of the …