vulnerability
EZCast TV streaming stick leaves home networks vulnerable to attack
Check Point researchers have discovered a vulnerability in the EZCast TV streaming stick that enables hackers to take full control of home networks. EZCast, which has five …
Bugs in Drupal’s update process could lead to backdoored updates, site compromise
Drupal’s update process is deeply flawed, says IOActive researcher Fernando Arnaboldi. He recently discovered three separate flaws in it, the worst of which could be …
HTTPS Bicycle attack reveals password length, allows easier brute-forcing
Dutch security researcher Guido Vranken has come up with a new attack that could allow attackers to discover the length of a user’s password – and therefore make …
Flaw in Comcast’s home security system lets burglars in without triggering alarm
Rapid7 researcher Phil Bosco has discovered a crucial flaw in the Comcast XFINITY Home Security system, which can be easily exploited by burglars to enter homes without …
Cisco Jabber flaw allows MitM attackers to wiretap communications
A vulnerability in Cisco’s Jabber client for Windows can be exploited by attackers to wiretap communications, steal user credentials, and to tamper with messages sent …
The Tor Project announces bug bounty program
Representatives of the Tor Project, the non-profit organization that maintains the software needed for using the Tor anonymity network and operates the Onion network, have …
ISC’s infocon turns yellow to reflect critical impact of Juniper backdoors
SANS Institute’s Internet Storm Center has raised its infocon status – the status of the condition of the Internet infrastructure – from green to yellow, …
Critical ScreenOS bugs allow undetectable decryption of VPN connections, device hijacking
Juniper Networks has discovered and patched a critical, high-impact vulnerability affecting ScreenOS on its NetScreen devices, and is advising customers to update their …
Linux machines can be “owned” by hitting backspace 28 times
Taking over a Linux machine that has been locked with a password can be as easy as pressing the backspace key 28 times, two researchers from the Cyber Security Research Group …
XSS, SQLi bugs found in several Network Management Systems
Network Management System (NMS) offerings by Spiceworks, Ipswitch, Opsview and Castle Rock Computing have been found sporting several cross-site scripting and SQL injection …
Critical RCE bug in FireEye’s security appliances exploitable via email
Last week, FireEye has silently pushed out a patch for an extremely easy-to-exploit remote code execution bug affecting its NX, EX, FX and AX Series security appliances in …
Critical Joomla RCE bug actively exploited, patch immediately!
An eight-year-old Joomla critical remote code execution vulnerability, which is being actively exploited in attacks in the wild, has been patched by the developers of the …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?