vulnerability
![Fisher-Price Smart Toy](https://img.helpnetsecurity.com/wp-content/uploads/2016/02/09194531/smart-toy-400x200.png)
Security flaws discovered in smart toys and kids’ watches
Rapid7 researchers have unearthed serious flaws in two Internet of Things devices: The Fisher-Price Smart Toy, a “stuffed animal” type of toy that can interact …
![Malwarebytes](https://img.helpnetsecurity.com/wp-content/uploads/2016/02/09194534/malwarebytes-400x200.png)
Revelation of security bugs jumpstarts launch of Malwarebytes’ bug bounty program
Malwarebytes CEO Marcin Kleczynski has announced that the company has launched a bug bounty program in an effort to make its software more secure. “The Coordinated …
![Android](https://img.helpnetsecurity.com/wp-content/uploads/2016/02/09194536/android-400x200.jpg)
Google plugs five critical Android vulnerabilities
Google has plugged nine Android security holes with its February Nexus security update. Of these, five are critical, four of high and one of moderate severity. Here’s …
![eBay](https://img.helpnetsecurity.com/wp-content/uploads/2016/02/09194540/ebay-building-400x200.jpg)
Severe and unpatched eBay vulnerability allows attackers to distribute malware
Check Point researchers have discovered a severe vulnerability in eBay’s online sales platform, which allows criminals to distribute malware and run phishing campaigns. …
![HP](https://img.helpnetsecurity.com/wp-content/uploads/2016/02/09194736/hp-400x200.jpg)
Is your HP enterprise printer hosting malware for hackers?
“If you’re concerned about security, put your printers are behind a firewall and, if it’s a Hewlett-Packard, make sure port 9100 isn’t open,” says security …
![Bug](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09195248/bug-400x200.jpg)
OpenSSL bug that could allow traffic decryption has been fixed
The OpenSSL Project has pushed out new versions of the widely used OpenSSL cryptographic library, which incorporate patches for two distinct security bugs, and an update of …
![LG G3](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09194754/lg-g3-400x200.jpg)
Bug in pre-installed app opens LG G3 smartphone owners to data theft, phishing
Two BugSec researchers have discovered a serious vulnerability in LG’s G3 Android devices, which can be exploited to steal user data, mount phishing attacks, install …
![Fortinet](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09195232/fortinet-400x200.jpg)
SSH backdoor found in more Fortinet devices, exploit attempts spotted in the wild
In case you missed it, Fortinet announced last week that the recently discovered FortiOS SSH backdoor – or, as they call it, “a management authentication …
![Magento](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09194919/magento-400x200.jpg)
Magento plugs XSS holes that can lead to e-store hijacking, patch immediately!
Last week, Magento released a very important bundle of patches for their eponymous e-commerce platform that should be implemented as soon as possible. The bundle plugs a …
![labyrinth](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09194928/labyrinth-400x200.jpg)
“Deliberately hidden” backdoor found on US government’s comms system
Researchers from Austrian infosec outfit SEC Consult have unearthed what they dubbed a “deliberately hidden backdoor account” in NX-1200, a network controller …
![Windows](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09194954/windows-blue-400x200.jpg)
Old, unpatched flaws exploited to achieve control of Windows systems, networks
Foxglove Security researcher Stephen Breen has demonstrated that you don’t need to exploit a 0-day or even a recently discovered vulnerability to gain the highest level …
![Tux](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09195006/tux-216x200.png)
0-day in Linux kernel endangers Linux servers, Android devices
A serious and pretty longstanding flaw in the Linux kernel has been recently discovered by researchers from infosec outfit Perception Point. The vulnerability (CVE-2016-0728) …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?