vulnerability
Attackers actively exploiting Windows bug via malicious USB devices
In this month’s Patch Tuesday, Microsoft has released 14 bulletins and patches addressing a bucketload of vulnerabilities in a number of its products, including its new …
Severe deserialization vulnerabilities found in Android and third-party Android SDKs
Closely behind the discoveries of the Stagefright flaw, the hole in Android’s mediaserver service that can put devices into a coma, and the Certifi-gate bug, comes that …
HTC phone stores fingerprints in easily accessible plaintext
Pressing a finger on your mobile phone’s fingerprint scanner has to be the easiest, most seamless way to unlock the device, and this is why more and more manufacturers …
UK job recruiters network hit by hacker, user info dumped online
TEAM (The Employment Agents Movement), the largest network of independent recruiters in the UK, has been hit by a Saudi Arabian hacker that goes by the online handle JM511.The …
File-stealing Firefox bug exploited in the wild, patch immediately!
A critical Firefox vulnerability has been spotted being exploited in the wild.The bug, reported by security researcher Cody Crews, allows attackers to violate Firefox’ …
Vulnerabilities in 2015: 0-days, Android vs iOS, OpenSSL
Secunia has taken an early peek at the trend in vulnerabilities for 2015, and has presented the results at Black Hat USA 2015. Seven months into the year, the number of …
Easily exploitable Certifi-gate bug opens Android devices to hijacking
Check Point’s mobile security research team discovered a vulnerability in Android that affects phones, tablets and devices made by major manufacturers including LG, …
Microsoft expands Bug Bounty programs, increases rewards
Microsoft is continually tweaking its Bug Bounty programs, and the latest step in this evolution has been announced on Wednesday at Black Hat USA 2015.“We are raising …
Vulnerability and configuration management for Amazon Web Services
Alert Logic revealed at the Black Hat USA 2015 conference Alert Logic Cloud Insight, a cloud-native vulnerability and configuration management solution designed for customers …
Attackers are downing DNS servers by exploiting BIND bug
As predicted, the critical and easily exploitable flaw that affects all versions of BIND, the most widely used DNS software on the Internet, has started being exploited by …
79% of companies release apps with known vulnerabilities
The application development process is rampant with security risks due to current business pressures, according to new research released at Black Hat USA 2015 by Prevoty. From …
Best practice application security: Does it exist?
Unfortunately and unsurprisingly, website breaches have become an everyday occurrence. In fact, hacked websites have become so common that typically only the biggest data …