vulnerability
Yahoo says its servers weren’t Shellshocked
After researcher Jonathan Hall’s claims that a group of hackers has been exploiting the Bash Shellshock vulnerability to compromise a number of servers belonging to …
Android browser SOP bypass bug: Who’s affected, and what to do?
A security researcher has recently discovered not just one but two vulnerabilities in the Android Open Source Project (AOSP) browser that could allow attackers to bypass the …
Hackers exploit Shellshock bug, compromise Yahoo, WinZip servers
A group of hackers has successfully leveraged the recently discovered Bash Shellshock vulnerability to compromise a number of servers belonging to Yahoo, Lycos and Winzip, and …
Xen bug behind Amazon, Rackspace cloud servers reboot revealed
Last week, several of the largest public and private cloud providers such as Amazon and Rackspace have rebooted some of their servers after notifying users of the move and …
Researchers test EMET 5 protections, find them wanting
Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) has once again failed to stop an attack mounted by researchers working with Offensive Security, the company …
Unpatched systems and apps on the rise
As the number of software vulnerabilities increases, and people connect across personal and corporate devices using a multitude of different platforms each day, time and time …
Joomla update fixes high risk bug that could lead to site compromise
The developer team behind the popular open-source content management system Joomla is urging users to update the software to the latest version – v3.3.6 (or v3.2.7 for …
Bash Shellshock bug: More attacks, more patches
As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it …
WordPress vulnerability database
Back in 2012, the fine folks behind the BruCON conference announced that from the 2013 edition of their popular event, a special budget will be allocated for supporting …
Bash “Shellshock” bug: Who needs to worry?
As expected, attackers have begun exploiting the GNU Bash “Shellshock” remote code execution bug (CVE-2014-6271) to compromise systems and infect them with …
Critical SSL flaw patched in Firefox, Thunderbird, Chrome
If you are a Mozilla Firefox, Thunderbird or Seamonkey user, you should implement the latest patches issued by the company as soon as possible, as they fix a critical bug …
Critical Bash bug opens Unix, Linux, OS X systems to attacks
The Bash “shellshock” flaw (CVE-2014-6271) was discovered last week by Unix/Linux specialist Stephane Chazelas, and its existence was made public on Wednesday. It …
Featured news
Resources
Don't miss
- Zscaler CISO on balancing security and user convenience in hybrid work environments
- ExtensionHound: Open-source tool for Chrome extension DNS forensics
- How to use Hide My Email to protect your inbox from spam
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)
- DeepSeek’s popularity exploited by malware peddlers, scammers