vulnerability
15 new bugs exploited at DEF CON router hacking contest
Security researchers taking part of the SOHOpelessly Broken hacking competition at this year’s edition of DEF CON have demonstrated 15 flaws affecting a number of small …
Data breaches and high-risk vulnerabilities continue to dominate
Cyber threats, data breaches and high-risk vulnerabilities have continued to dominate the first half of 2014. The severity of these attacks intensified against financial and …
Square launches bug bounty program
Popular California-based financial services and mobile payments company Square has set up a bug bounty program on the HackerOne platform. The announcement was made at a panel …
Blackphone rooted at DEF CON?
Blackphone, the recently released security-oriented smartphone, has apparently been rooted. The feat was executed at the DEF CON hacker conference, where Jon Sawyer …
US switch to chip-and-PIN cards not a panacea for fraud
The massive breach that Target suffered late last year was the proverbial straw that broke the camel’s back and made the company decide to move to chip-and-PIN card …
Critical 0-days found in CPE WAN Management Protocol
Check Point has released its findings of security concerns in CPE WAN Management Protocol (CWMP/TR-069) deployments, used by major ISPs globally to control business and …
Serious flaws in cell phone carrier control software found
At the Black Hat conference this week, two Accuvant researchers have disclosed serious security flaws in the carrier control software used in over 2 billion cellular devices …
Critical bug in WordPress plugin allows site hijacking
A popular WordPress plugin that allows site owners to easily customize the contact form has a critical vulnerability that can be exploited to download and remotely modify the …
Prioritizing vulnerabilities to close gaps where it matters
Core Security announced the latest version of the Core Attack Intelligence Platform, which consolidates, prioritizes and validates the overwhelming quantity of vulnerabilities …
DDoS attack volumes plummet as NTP servers got patched
Wise to attackers’ exploitation of the Network Time Protocol (NTP) vulnerability to create distributed reflection denial of service (DrDoS) attacks, information security …
The weak links in an increasingly dynamic threat landscape
The Cisco 2014 Midyear Security Report, released today at Black Hat, examines the “weak links” in organizations – outdated software, bad code, abandoned …
0-days found in Symantec Endpoint Protection
While testing of the systems and networks of a financial services company, a team of penetration testers from Offensive Security have unearthed a number of vulnerabilities, …
Featured news
Resources
Don't miss
- March 2025 Patch Tuesday forecast: A return to normalcy
- Hetty: Open-source HTTP toolkit for security research
- How to safely dispose of old tech without leaving a security risk
- Who’s in your digital house? The truth about third-party access
- Can AI-powered gamified simulations help cybersecurity teams keep up?