vulnerability
Script injection vulnerability discovered in Salesforce
Elastica discovered an injection vulnerability in Salesforce which opened the door for attackers to use a trusted Salesforce application as a platform to conduct phishing …
Researchers hack Corvette via SMS to plugged-in tracking dongle
A team of researchers from the University of California, San Diego, have managed to hack a Corvette via specially crafted SMS messages sent to a tracking dongle (i.e. a …
Attackers actively exploiting Windows bug via malicious USB devices
In this month’s Patch Tuesday, Microsoft has released 14 bulletins and patches addressing a bucketload of vulnerabilities in a number of its products, including its new …
Severe deserialization vulnerabilities found in Android and third-party Android SDKs
Closely behind the discoveries of the Stagefright flaw, the hole in Android’s mediaserver service that can put devices into a coma, and the Certifi-gate bug, comes that …
HTC phone stores fingerprints in easily accessible plaintext
Pressing a finger on your mobile phone’s fingerprint scanner has to be the easiest, most seamless way to unlock the device, and this is why more and more manufacturers …
UK job recruiters network hit by hacker, user info dumped online
TEAM (The Employment Agents Movement), the largest network of independent recruiters in the UK, has been hit by a Saudi Arabian hacker that goes by the online handle JM511.The …
File-stealing Firefox bug exploited in the wild, patch immediately!
A critical Firefox vulnerability has been spotted being exploited in the wild.The bug, reported by security researcher Cody Crews, allows attackers to violate Firefox’ …
Vulnerabilities in 2015: 0-days, Android vs iOS, OpenSSL
Secunia has taken an early peek at the trend in vulnerabilities for 2015, and has presented the results at Black Hat USA 2015. Seven months into the year, the number of …
Easily exploitable Certifi-gate bug opens Android devices to hijacking
Check Point’s mobile security research team discovered a vulnerability in Android that affects phones, tablets and devices made by major manufacturers including LG, …
Microsoft expands Bug Bounty programs, increases rewards
Microsoft is continually tweaking its Bug Bounty programs, and the latest step in this evolution has been announced on Wednesday at Black Hat USA 2015.“We are raising …
Vulnerability and configuration management for Amazon Web Services
Alert Logic revealed at the Black Hat USA 2015 conference Alert Logic Cloud Insight, a cloud-native vulnerability and configuration management solution designed for customers …
Attackers are downing DNS servers by exploiting BIND bug
As predicted, the critical and easily exploitable flaw that affects all versions of BIND, the most widely used DNS software on the Internet, has started being exploited by …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?