vulnerability
SAP finally patches critical, remotely exploitable bugs in GRC solution
More than a year and a half after they were reported to SAP AG, the company has issued a patch for a number of critical exploitable security vulnerabilities in its …
Website fined for leaking encrypted card details and decryption key
The UK Information Commissioner’s Office (ICO) is warning organizations that they must make sure their websites are protected against one of the most common forms of …
Linksys SOHO router owners urged to patch multiple vulnerabilities
Owners of a number of Linksys small office/home office routers were urged last week to update their device’s firmware in order to patch two vulnerabilities, one of …
OS X Yosemite sports serious privilege escalation bug
A Swedish researcher has unearthed a serious bug that affects the newest version of OS X – version 10.10, or Yosemite – and which could allow attackers to gain …
Flaw in Visa’s contactless payment system could lead to fraud
Researchers from Newcastle University have discovered a serious flaw in Visa’s contactless credit cards which could allow attackers to siphon large amounts of money off …
What’s jeopardizing the safety of your datacenter?
Datacenters are fraught with hidden operational hazards, and because virtual infrastructure is extremely complex and dynamic, many vulnerabilities go undetected and can be …
Assume your Drupal 7 site has been compromised
Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL …
Two exploit kits prey on Flash Player flaw patched only last week
Two exploit kits have been outfitted with the exploit for a Flash Player vulnerability that was patched only a week ago, the researcher who goes by the handle Kafeine …
Windows 0-day exploited in ongoing attacks, temporary workarounds offered
Microsoft is warning users about a new Windows zero-day vulnerability that is being actively exploited in the wild and is primarily a risk to users on servers and workstations …
Easily exploitable Drupal bug can lead to total site compromise
Admins of sites that run Drupal 7 are advised to update to the latest version of the platform – version 7.32 – because it fixes a critical SQL injection …
New OpenSSL updates fix POODLE, DoS bugs
The OpenSSL Project has pushed out new releases of the popular eponymous open-source cryptographic library, which fix four serious vulnerabilities, including the POODLE …
Facebook doubles bounties for bugs in ads code
Facebook has announced that all vulnerabilities affecting the company’s ads code will now be worth twice as much to the bug hunters who find and responsibly disclose …