vulnerability
Corel DLL hijacking vulnerability could allow arbitrary command execution
Corel has developed a wide range of products including graphics, photo, video and office software. When a file associated with the Corel software is opened, the directory of …
Microsoft scolds Google for lack of flexibility in vulnerability disclosure
Microsoft is not pleased with Google’s recent release of the details of a zero-day Windows 8.1 vulnerability and the code that can be used to exploit it, and has …
Asus wireless router flaw opens network to local attackers
A researcher has discovered a security hole in the firmware of several wireless Asus router models which could be exploited by an attacker to gain complete control of the …
OpenSSL release patches 8 vulnerabilities
The OpenSSL Project has released updates for the popular eponymous open-source library that implements the SSL and TLS protocols. The new releases – 1.0.1k, 1.0.0p and …
Gogo in-flight WiFi service serves fliers fake Google certs
Gogo, a noted provider of in-flight broadband Internet service, has been spotted serving a fake Google SSL certificate to fliers trying to access YouTube, effectively …
Moonpig shamed for not fixing customer data exposing flaw
Moonpig, a popular UK-based firm that sells personalised greeting cards, has put the personal and financial information of over 3 million of its customers in danger by using a …
The hidden dangers of third party code in free apps
Research from MWR InfoSecurity has shown the various ways hackers can abuse ad networks by exploiting vulnerabilities in free mobile apps. When people install and use free …
Critical flaw on over 12M routers allows device hijacking, network compromise
A critical, easy to exploit vulnerability that opens more than 12 million SOHO routers around the world to remote compromise has been discovered by Check Point researchers. …
Critical Git flaw allows attackers to compromise developers’ machines
A critical vulnerability affecting all versions of the official Git client and all related software that interacts with Git repositories has been found and patched, and …
Researchers confirm multiple Google App Engine security sandbox bypasses
Polish firm Security Explorations, which announced last week that they found over 30 serious security issues in the Java security sandbox of the Google App Engine (GAE), has …
Two newcomers in the exploit kit market
Exploit kits are a great means to an end for malware distributors, who either buy them or rent them in order to widely disseminate their malicious wares. It’s no wonder …
Browser vulnerabilities to become biggest endpoint challenge
A growing number of flaws in web browsers is viewed as the biggest endpoint security headache by today’s IT decision-makers, according to Malwarebytes. With the number …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?