vulnerability
Authentication bypass flaw in Netgear SOHO routers exploited in the wild
A critical security vulnerability affecting nine Netgear router models is being exploited in the wild. The flaw that the attackers took advantage of allowed them to access the …
Attackers compromise Cisco Web VPNs to steal login credentials, backdoor target networks
Another Cisco product is being targeted by attackers looking for a permanent way into the computer networks and systems of various organizations, Volexity researchers …
Pen-testing drone searches for unsecured devices
You’re sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer …
Huawei 3G routers rife with flaws
South Korean security researcher Pierre Kim has revealed today that fifteen Huawei 3G routers have a slew of serious vulnerabilities – RCE, XSS, CSRF, DoS, …
Stagefright 2.0: A billion Android devices could be compromised
Most Android users are, once again, in danger of having their devices compromised by simply previewing specially crafted MP3 or MP4 files.Zimperium researchers, who were the …
Compromising Macs with simple Gatekeeper bypass
Patrick Wardle, director of research at security firm Synack, has discovered a worryingly simple way to bypass OS X’s Gatekeeper defense mechanism: just bundle up a …
500 million users at risk of compromise via unpatched WinRAR bug
A critical vulnerability has been found in the latest version of WinRAR, the popular file archiver and compressor utility for Windows, and can be exploited by remote attackers …
Companies leave vulnerabilities unpatched for up to 120 days
Kenna studied the proliferation of non-targeted attacks and companies’ ability to mitigate these threats through the timely remediation of security vulnerabilities in their …
Too many vulnerable medical systems can be found online
How many critical medical systems can be found on the Internet, accessible to and hackable by remote attackers? According to security researchers Scott Erven and Mark Collao, …
Do security flaws with life-threatening implications need alternative disclosure?
If security researchers get no response from manufacturers when disclosing vulnerabilities with life-threatening implications, the majority of IT security professionals (64%) …
Vulnerabilities in security software leave users open to attacks
In most people’s minds, antivirus and security software equals better security. But thanks to security researchers who have taken it upon themselves to analyze some of …
WD My Cloud NAS devices can be hijacked by attackers
Researchers with security consultancy VerSprite have unearthed several vulnerabilities in Western Digital’s My Cloud NAS product, which can be exploited by local and …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade