vulnerability
0-day flaw in Seagate NAS devices endangers thousands
Seagate’s Business Storage 2-Bay NAS line of products, which is popular both with home and business users, sports a zero-day remote code execution vulnerability that can …
Critical vulnerabilities affecting SAP business critical apps
Onapsis released five security advisories detailing vulnerabilities in SAP BusinessObjects and SAP HANA enterprise software. Included in the security advisories are three high …
Google scraps Pwnium, invites researchers to submit Chrome bugs year-round
Google is scrapping its annual Pwnium hacking competition which has been held for four years in a row at the CanSecWest conference in Vancouver, Canada, but that doesn’t …
Critical Samba flaw allows unauthorized remote code execution
Samba, the popular free software that allows file and print sharing between computers running Windows and those running Unix or Linux, has been found sporting a critical flaw …
Mobile apps left vulnerable for months
McAfee Labs researchers found that mobile app providers have been slow to address the most basic SSL vulnerabilities: improper digital certificate chain validation. In …
Flaw makes Cisco routing hardware vulnerable to DoS attacks
A serious vulnerability affecting the software of some of Cisco’s routing hardware systems for telecommunications and Internet service providers could be exploited to …
Over 250,000 home routers sport same SSH keys, warns researcher
With a simple search, John Matherly, the creator of Shodan, has discovered with it more than 250,000 routers that share the same SSH key, meaning they also share the same …
Pwn2Own 2015: New rules, prizes, and potential problems
If you intend to participate in the Pwn2Own competition at the CanSecWest 2015 conference on March 18 and 19 in Vancouver, Canada, you would do well to consult with a legal …
Flaw in Netgear Wi-Fi routers exposes admin password, WLAN details
A number of Netgear home wireless routers sport a vulnerability that can be misused by unauthenticated attackers to obtain the administrator password, device serial number, …
Attackers can bypass Windows’ protections by changing a single bit
Among the many vulnerabilities that Microsoft patched on Tuesday is one that can be exploited to bypass all Windows security measures by, curiously enough, modifying a single …
Google Play flaw opens Android devices to silent malware installation
Android users are in danger of getting malicious apps silently installed on their devices by attackers, warns Rapid7’s Tod Beardsley, technical lead for the Metasploit …
Tens of thousands MongoDB databases easily accessible from the Internet
A group of students from Saarland University’s Center for IT-Security, Privacy and Accountability (CISPA) have discovered tens of thousands MongoDB databases accessible …
Featured news
Resources
Don't miss
- March 2025 Patch Tuesday forecast: A return to normalcy
- Hetty: Open-source HTTP toolkit for security research
- How to safely dispose of old tech without leaving a security risk
- Who’s in your digital house? The truth about third-party access
- Can AI-powered gamified simulations help cybersecurity teams keep up?