vulnerability
Microsoft patches flaw exploited by Stuxnet – again
Among the vulnerabilities patched by Microsoft in this month’s Patch Tuesday is one that was supposedly patched back in 2010. The Windows Shell Shortcut Icon Loading …
Flaw in Dropbox SDK for Android lets attackers steal data sent to users’ account
Researchers from IBM’s security team have discovered an authentication flaw in the Dropbox Software Development Kit (SDK) for Android that can be exploited to capture …
Unpatched security vulnerabilities affecting Facebook
A web security researcher from Portugal has discovered several vulnerabilities affecting Facebook that he considers to be serious, but hasn’t had much success convincing …
Seagate acknowledges NAS 0-day, announces patch
After security researcher OJ Reeves publicly revealed the existence of a remote code execution zero-day flaw affecting Seagate’s Business Storage 2-Bay NAS line of …
US air traffic control system is riddled with vulnerabilities
A recently released report by the US Government Accountability Office has revealed that despite some improvements, the Federal Aviation Administration (FAA) still needs to …
Flaw in GoPro update mechanism reveals users’ Wi-Fi passwords
A vulnerability in the update mechanism for the wireless networks operated by GoPro cameras has allowed a security researcher to easily harvest over a 1,000 login credentials …
D-Link fixes critical router flaws
D-Link has released new firmware for its DIR-820L Wi-Fi dual band cloud router, which fixes a number of security vulnerabilities. One of these can apparently be exploited by …
0-day flaw in Seagate NAS devices endangers thousands
Seagate’s Business Storage 2-Bay NAS line of products, which is popular both with home and business users, sports a zero-day remote code execution vulnerability that can …
Critical vulnerabilities affecting SAP business critical apps
Onapsis released five security advisories detailing vulnerabilities in SAP BusinessObjects and SAP HANA enterprise software. Included in the security advisories are three high …
Google scraps Pwnium, invites researchers to submit Chrome bugs year-round
Google is scrapping its annual Pwnium hacking competition which has been held for four years in a row at the CanSecWest conference in Vancouver, Canada, but that doesn’t …
Critical Samba flaw allows unauthorized remote code execution
Samba, the popular free software that allows file and print sharing between computers running Windows and those running Unix or Linux, has been found sporting a critical flaw …
Mobile apps left vulnerable for months
McAfee Labs researchers found that mobile app providers have been slow to address the most basic SSL vulnerabilities: improper digital certificate chain validation. In …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments