vulnerability
LastPass zero-day can lead to account compromise
A zero-day flaw in the popular password manager LastPass can be triggered by users visiting a malicious site, allowing attackers to compromise the users’s account and …
Low-cost wireless keyboards open to keystroke sniffing and injection attacks
Bastille Networks researcher Marc Newlin has discovered a set of security vulnerabilities in low-cost wireless keyboards that could be exploited to collect all passwords, …
50+ vulnerabilities found in popular home gateway modems/routers
Researcher Gergely Eberhardt with Hungarian security testing outfit SEARCH Laboratory has unearthed over fifty vulnerabilities in five home gateway modems/routers used by …
Amazon Silk browser removes Google’s default encryption
Google’s good intentions of keeping searches made via its search engine protected through default encryption have been stymied by Amazon. A bug in the Amazon Silk …
Critical holes in Micro Focus Filr found, plugged
Popular enterprise file management and collaborative file sharing solution Micro Focus Filr sports half a dozen security flaws, most of which can be exploited – either …
Warframe, Clash of Kings players’ info stolen after forum hacks
Two new website hack/ user data theft combos have been revealed last week, and the victims are players of popular mobile real time strategy game Clash of Kings and online …
Dell SonicWALL GMS comes with hidden default account
While developing new audit modules for the company’s vulnerability scanning technology, Digital Defense researchers found six vulnerabilities in Dell’s SonicWALL …
Vulnerabilities affecting SAP HANA and SAP Trex put 10,000 customers at risk
Onapsis released new security advisories detailing vulnerabilities in SAP HANA and SAP Trex. Included in the advisories is a critical risk vulnerability that could be used to …
Cisco plugs critical flaw in data center operations management solution
Cisco has patched another critical vulnerability in its Unified Computing System Performance Manager software. Cisco UCS Performance Manager is a data center operations …
Oracle splats 276 bugs with mammoth Critical Patch Update
In case you missed it, Oracle’s July 2016 Critical Patch Update is out, and it’s bigger than ever before. It plugs 276 security issues across hundreds of Oracle …
Slew of WP-based business sites compromised to lead to ransomware
If an approach works well, there is no reason to change tack, and the masters of the SoakSoak botnet are obviously of the same belief. A year and a half after they have been …
Flawed code hooking engines open endpoints to compromise
Six common security issues stemming from the incorrect implementation of code hooking and injection techniques have been unearthed by EnSilo researchers in over 15 different …
Featured news
Resources
Don't miss
- Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
- The Zoom attack you didn’t see coming
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
- The UK’s phone theft crisis is a wake-up call for digital security
- Securing digital products under the Cyber Resilience Act