vulnerability
1,500 iOS apps sport flaw that allows interception of sensitive user data
A bug in an older version of AFNetworking, an open source library widely used for adding networking capabilities to iOS and OS X apps, can allow attackers to intercept and …
Apple’s fix didn’t close Rootpipe backdoor
When TrueSec researcher Emil Kvarnhammar discovered a privilege escalation bug affecting OS X that could allow attackers to gain complete control of the target’s Mac …
Attackers actively downing Microsoft’s IIS web servers
Attackers are actively exploiting a DoS vulnerability (CVE-2015-1635) affecting Microsoft’s Internet Information Services (IIS) extensible web server, SANS ISC CTO …
Exploit for crashing Minecraft servers made public
After nearly two years of waiting for Mojang to fix a security vulnerability that can be used to crash Minecraft servers, programmer Ammar Askar has released a proof of …
D-Link’s failed patch for DIR-890L router adds a new hole
Prolific hacker Craig Heffner, who has a particular interest in hacking embedded devices, has recently documented the existence of a command injection bug in the firmware of …
Cisco splats router bug that can lead to persistent DoS
Cisco has patched a vulnerability that affects Cisco ASR 9000 Series Aggregation Services Routers and can be exploited by a remote, unauthenticated attacker to effectively …
New Java vulnerabilities remotely executable without login
It is extremely important that enterprises urgently patch their Java Runtime Environments (JREs) and (Java Development Kits) JDKs since 14 vulnerabilities addressed in this …
Adobe fixes Flash Player zero-day exploited in the wild
Adobe released a new version of Flash Player (17.0.0.169) for Windows and Macintosh, and for Linux (11.2.202.457). These security updates fix a host of critical …
18-year-old bug can be exploited to steal credentials of Windows users
A new technique for exploiting an 18-year-old bug in Windows Server Message Block (SMB), which would allow attackers to intercept user credentials, had been uncovered by …
Attackers can easily crack Belkin routers’ WPS PINs
A considerable number of routers manufactured by US-based Belkin use a flawed method for creating PINs for Wi-Fi Protected Setup (WPS), making them easily discoverable by …
TorLocker victims can decrypt most files without paying ransom
Crypto-ransomware rarely means good news for targets, but when it comes to TorLocker malware (detected as Trojan-Ransom.Win32.Scraper by Kaspersky Lab), the victims can …
Latest OS X update closes backdoor that allows root access
On Thursday Apple released another batch of updates for a variety of its products. The security update for OS X Yosemite (10.10.3) includes a fix for a four-year-old …
Featured news
Resources
Don't miss
- March 2025 Patch Tuesday forecast: A return to normalcy
- Hetty: Open-source HTTP toolkit for security research
- How to safely dispose of old tech without leaving a security risk
- Who’s in your digital house? The truth about third-party access
- Can AI-powered gamified simulations help cybersecurity teams keep up?