vulnerability
GoDaddy fixes domain-hijacking vulnerability
Security engineer Dylan Saccomanni has discovered a critical CSRF vulnerability that can be exploited to take over domains registered with Go Daddy, and has forced the popular …
Oracle patches 169 vulns across its products, many are critical
On Tuesday Oracle released its quarterly Critical Patch Update, which addressed a total of 169 vulnerabilities across multiple products, including Java SE (Standard Edition). …
Home routers in Spain and Argentina sport critical vulnerabilities
Spanish security researcher Eduardo Novella has discovered two critical vulnerabilities affecting a specific ADB Pirelli home wireless router deployed by Spanish broadband …
Unfazed by Microsoft’s criticism, Google discloses another Windows 8.1 flaw
Google apparently has no mercy for Microsoft’s developers, and is determined to stick to its 90-day deadline for fixing software flaws, as it publicly released details …
WhiteHat Aviator browser is not secure, says Google developer
Late last week WhiteHat Security open sourced Aviator, its Chromium-based browser that has been marketed as “the most secure browser online.” The browser offers …
Corel DLL hijacking vulnerability could allow arbitrary command execution
Corel has developed a wide range of products including graphics, photo, video and office software. When a file associated with the Corel software is opened, the directory of …
Microsoft scolds Google for lack of flexibility in vulnerability disclosure
Microsoft is not pleased with Google’s recent release of the details of a zero-day Windows 8.1 vulnerability and the code that can be used to exploit it, and has …
Asus wireless router flaw opens network to local attackers
A researcher has discovered a security hole in the firmware of several wireless Asus router models which could be exploited by an attacker to gain complete control of the …
OpenSSL release patches 8 vulnerabilities
The OpenSSL Project has released updates for the popular eponymous open-source library that implements the SSL and TLS protocols. The new releases – 1.0.1k, 1.0.0p and …
Gogo in-flight WiFi service serves fliers fake Google certs
Gogo, a noted provider of in-flight broadband Internet service, has been spotted serving a fake Google SSL certificate to fliers trying to access YouTube, effectively …
Moonpig shamed for not fixing customer data exposing flaw
Moonpig, a popular UK-based firm that sells personalised greeting cards, has put the personal and financial information of over 3 million of its customers in danger by using a …
The hidden dangers of third party code in free apps
Research from MWR InfoSecurity has shown the various ways hackers can abuse ad networks by exploiting vulnerabilities in free mobile apps. When people install and use free …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments