vulnerability
Gyroscopes on Android devices can be used to eavesdrop on users’ conversations
If you think that denying an app permission to use your phone’s microphone is enough to prevent it from listening in on your conversations, think again, as a group of …
Breaking the security of physical devices
In this podcast recorded at Black Hat USA 2014, Silvio Cesare, Director of Anti-Malware Engineering at Qualys, discusses the security measures of a number of household devices …
Disqus WordPress plugin vulnerabilities
During a penetration testing for a client, Australian based independent security consultant Nik Cubrilovic, discovered a couple of security issues within the very popular …
15 new bugs exploited at DEF CON router hacking contest
Security researchers taking part of the SOHOpelessly Broken hacking competition at this year’s edition of DEF CON have demonstrated 15 flaws affecting a number of small …
Data breaches and high-risk vulnerabilities continue to dominate
Cyber threats, data breaches and high-risk vulnerabilities have continued to dominate the first half of 2014. The severity of these attacks intensified against financial and …
Square launches bug bounty program
Popular California-based financial services and mobile payments company Square has set up a bug bounty program on the HackerOne platform. The announcement was made at a panel …
Blackphone rooted at DEF CON?
Blackphone, the recently released security-oriented smartphone, has apparently been rooted. The feat was executed at the DEF CON hacker conference, where Jon Sawyer …
US switch to chip-and-PIN cards not a panacea for fraud
The massive breach that Target suffered late last year was the proverbial straw that broke the camel’s back and made the company decide to move to chip-and-PIN card …
Critical 0-days found in CPE WAN Management Protocol
Check Point has released its findings of security concerns in CPE WAN Management Protocol (CWMP/TR-069) deployments, used by major ISPs globally to control business and …
Serious flaws in cell phone carrier control software found
At the Black Hat conference this week, two Accuvant researchers have disclosed serious security flaws in the carrier control software used in over 2 billion cellular devices …
Critical bug in WordPress plugin allows site hijacking
A popular WordPress plugin that allows site owners to easily customize the contact form has a critical vulnerability that can be exploited to download and remotely modify the …
Prioritizing vulnerabilities to close gaps where it matters
Core Security announced the latest version of the Core Attack Intelligence Platform, which consolidates, prioritizes and validates the overwhelming quantity of vulnerabilities …