vulnerability
Cupid exploits Heartbleed bug on WiFi networks and Android
Nearly two months have passed since the public revelation of the Heartbleed bug affecting the widely used open source cryptographic library OpenSSL. The reaction of the …
Outlook for Android fails to keep emails confidential
Did you know that Outlook and many other email and mobile messaging Android apps store your emails and messages on the device’s SD card, unencrypted, and accessible to …
Still no patch for 7-month-old IE8 zero-day flaw
HP’s Zero Day Initiative has published details about a zero-day vulnerability affecting Microsoft Internet Explorer 8 which the Redmond giant apparently has no intention …
Some industrial systems still vulnerable to Heartbleed
The danger from Heartbleed has passed for most Internet users, but operators of Industrial Control Systems (ICS) are not that lucky. The US ICS CERT has issued on Tuesday an …
Researchers discover critical flaws in the Chip and PIN system
A group of researchers from Cambridge University have discovered two critical flaws in the “Chip and PIN” (EMV) smart card payment system that can be misused to …
Recently patched IE 0-day abused in APT attacks
When Microsoft issued an out-of-band security update to patch the zero day Internet Explorer vulnerability on May 1, it was revealed by researchers from security company …
4chan launches bug bounty program
In the wake of the recent data breach that spelled the end of art products Canvas and DrawQuest, 4chan founder and owner Chris “moot” Poole has announced that they …
Dropbox fixes link-sharing data-leaking flaw
Popular file hosting service Dropbox has announced that it has patched a vulnerability that would make privately shared links accessible to those for whom they weren’t …
Windows flaw allows access to data after accounts are revoked
A disabled account in Windows’ network does not take effect immediately, according to Aorato. In fact, due to design considerations disabled accounts – and the …
Researchers debunk severity of OAuth “Covert Redirect” bug
Late last week, a Ph.D. student at the Nanyang Technological University in Singapore made the information security world pause for a moment by claiming that he had found a …
A hybrid approach to web app security assessment
High-Tech Bridge is introducing its hybrid web application security assessment SaaS, ImmuniWeb for the first time ever to visitors at Infosecurity Europe 2014. The service, …
Defacement mitigator for cybersecurity protection
At Infosecurity Europe 2014, Foresight released Defacement Mitigator, the first cloud-based web security solution that provides full defacement mitigation and protection to …
Featured news
Resources
Don't miss
- March 2025 Patch Tuesday forecast: A return to normalcy
- Hetty: Open-source HTTP toolkit for security research
- How to safely dispose of old tech without leaving a security risk
- Who’s in your digital house? The truth about third-party access
- Can AI-powered gamified simulations help cybersecurity teams keep up?