vulnerability
TP-LINK loses control of two device configuration domains
Security researcher Amitay Dan warns that tplinklogin.net, a domain through which TP-LINK router owners can configure their devices, is no longer owned by the company, and …
Easily exploitable LibreOffice flaw is a godsend for hackers
A serious LibreOffice flaw can be easily exploited by attackers to deliver malware on computers running a vulnerable version of the popular free and open source office suite. …
Symantec, Norton AV products are riddled with serious flaws
Google security researcher Tavis Ormandy has unearthed a slew of critical vulnerabilities, including many remote code execution flaws, in Symantec and Norton enterprise and …
14 bugs in Uber’s assets revealed sensitive info about drivers, riders
Researchers from consulting and technological audit outfit Integrity have discovered 14 bugs in a variety of Uber’s websites and mobile apps, most of which could reveal …
Chrome vulnerability lets attackers steal movies from streaming services
A significant security vulnerability in Google technology that is supposed to protect videos streamed via Google Chrome has been discovered by researchers from the Ben-Gurion …
Severe flaws patched in libarchive, dependent projects urged to follow
Three severe bugs that could be easily exploited to perform arbitrary code execution have been patched with version 3.2.1 of the libarchive open source multi-format archive …
The DAO is under attack, a third of its ether reserves stolen
The DAO, a digital Decentralised Autonomous Organisation that has been set up to support projects related to Ethereum, a public blockchain platform that allows programmable …
How attackers can hijack your Facebook account
Positive Technologies researchers have demonstrated that knowing a user’s phone number and how to exploit a vulnerability in the SS7 network is enough to hijack that …
Cisco’s small business Wi-Fi routers open to attack, no patch available
Security researcher Samuel Huntley has discovered four vulnerabilities in Cisco’s RV range of small business Wi-Fi routers, the worst of which could allow an …
Adobe Flash zero-day actively exploited in targeted attacks
A zero-day vulnerability affecting the latest version of Adobe Flash Player and all previous ones is being actively exploited in limited, targeted attacks, the company has …
Netgear removes crypto keys hard-coded in routers
Qualys security researcher Mandar Jadhav has discovered two serious vulnerabilities in Netgear D6000 and D3600 modem routers, which can be exploited to gain access to the …
Bug in Chrome’s PDF reader allows arbitrary code execution
Vulnerabilities in software often arise from faulty implementations of elements developed by other code writers. Take for example CVE-2016-1681, the heap-based buffer overflow …