vulnerability
Critical Android code-execution flaw affects all but the latest version
IBM researchers have discovered a critical security vulnerability in Android 4.3 (Jelly Bean) and below which could allow attackers to exfiltrate sensitive information – …
Drastic decline in vulnerable NTP servers due to Heartbleed?
In light of the escalation of DDoS attacks used as a means of extorting money from online businesses, the news that there has been a significant decrease in vulnerable Network …
Critical flaw exposes admin passwords of nearly 32,000 servers
Over 30,000 servers with Supermicro baseboard management controllers (BMCs) on their motherboards are offering up administrator passwords to anyone who knowns where to look, …
Microsoft patches DoS flaw in its Malware Protection Engine
Microsoft has released an update for its Malware Protection Engine to fix a privately reported security vulnerability that could allow a denial of service if the Microsoft …
Analysis of 3000 vulnerabilities in SAP
According to official information from SAP portal, more than 3000 vulnerabilities have been closed by SAP. Here are 6 highlights from a research conducted by the ERPScan team …
OpenSSL releases patches for critical MITM, code execution flaws
OpenSSL users, you need to patch again. The OpenSSL team released a security update that fixes 6 vulnerabilities, two of which could be considered critical. The first one is …
Critical bug in GnuTLS crypto library could allow malicious code execution
Another critical bug in an open source SSL/TLS (and DTLS) cryptographic library has been discovered and patched last week. The affected library is GnuTLS, and is used in a …
Cupid exploits Heartbleed bug on WiFi networks and Android
Nearly two months have passed since the public revelation of the Heartbleed bug affecting the widely used open source cryptographic library OpenSSL. The reaction of the …
Outlook for Android fails to keep emails confidential
Did you know that Outlook and many other email and mobile messaging Android apps store your emails and messages on the device’s SD card, unencrypted, and accessible to …
Still no patch for 7-month-old IE8 zero-day flaw
HP’s Zero Day Initiative has published details about a zero-day vulnerability affecting Microsoft Internet Explorer 8 which the Redmond giant apparently has no intention …
Some industrial systems still vulnerable to Heartbleed
The danger from Heartbleed has passed for most Internet users, but operators of Industrial Control Systems (ICS) are not that lucky. The US ICS CERT has issued on Tuesday an …
Researchers discover critical flaws in the Chip and PIN system
A group of researchers from Cambridge University have discovered two critical flaws in the “Chip and PIN” (EMV) smart card payment system that can be misused to …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments