vulnerability
Light Patch Tuesday fixes six issues, two critical
Microsoft has released the patches and it is a relatively light month. Six issues in total, 2 Critical, 3 Important, 1 Moderate. OS administration teams will be busy, …
DPAPI vulnerability allows intruders to decrypt personal data
Passcape Software has discovered a DPAPI vulnerability that could potentially lead to unauthorized decryption of personal data and passwords of interactive domain users. The …
Security weakness found in WiFi enabled LED light bulb
Researchers at Context Information Security have been able to expose a security weakness in a WiFi enabled, energy efficient LED light bulb that can be controlled from a …
“Secure” UK hotel booking site leaking customer data
An infosec consultant looking to book a hotel via HotelHippo.com, owned by HotelStayUK, has ultimately discovered that the website is definitely not to be trusted with private …
Bug in WordPress plugin allows unauthorized file upload
WordPress users who also use the MailPoet plugin are urged to update it as soon as possible, as all versions but the latest one are plagued with a critical flaw that could …
Facebook SDK flaw allows unauthorized access to Facebook accounts
MetaIntell has uncovered a significant security vulnerability in the Facebook SDK (V3.15.0) for both iOS and Android. Dubbed Social Login Session Hijacking, when exploited …
PayPal 2FA flow partially mitigated, accounts are safe
In the wake of the revelation of a flaw that allows attackers to bypass PayPal’s two-factor authentication feature, the e-payment giant has made it temporarily …
Critical Android code-execution flaw affects all but the latest version
IBM researchers have discovered a critical security vulnerability in Android 4.3 (Jelly Bean) and below which could allow attackers to exfiltrate sensitive information – …
Drastic decline in vulnerable NTP servers due to Heartbleed?
In light of the escalation of DDoS attacks used as a means of extorting money from online businesses, the news that there has been a significant decrease in vulnerable Network …
Critical flaw exposes admin passwords of nearly 32,000 servers
Over 30,000 servers with Supermicro baseboard management controllers (BMCs) on their motherboards are offering up administrator passwords to anyone who knowns where to look, …
Microsoft patches DoS flaw in its Malware Protection Engine
Microsoft has released an update for its Malware Protection Engine to fix a privately reported security vulnerability that could allow a denial of service if the Microsoft …
Analysis of 3000 vulnerabilities in SAP
According to official information from SAP portal, more than 3000 vulnerabilities have been closed by SAP. Here are 6 highlights from a research conducted by the ERPScan team …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?