vulnerability
Data-slurping Facebook Graph Search flaw revealed
A mobile developer has discovered what he claims is a security vulnerability in the Facebook Graph Search that allowed him to automate the compilation of a list of some 2.5 …
Car hack attack a possible theory behind journalist’s death
The upcoming DEFCON hacking conference will have many presenters touching on a great number of subjects, including that of car hacking. Security researcher Charlie Miller, …
Microsoft to pay up to 150k for vulnerabilities
After years of saying that bug bounties are not the best way to go about getting crucial product vulnerability information in the long run, Microsoft has done an about-face …
U.S. tech companies sharing bug info with U.S. govt before releasing fixes
A recent report by Bloomberg’s Michael Riley has revealed that a great many U.S.-based companies are voluntarily sharing sensitive information with the U.S. national …
ISC-CERT warns about medical devices with hard-coded passwords
Approximately 300 different surgical and anesthesia devices, ventilators, drug infusion pumps, external defibrillators, patient monitors, and laboratory and analysis equipment …
Google ups (some) bug bounties
Google has once again decided to raise the sums that researchers can earn by offering information about bugs in the company’s web services and properties (YouTube, …
Smart TVs vulnerable to a host of attacks
Smart (connected) TVs are becoming a common fixture in Western world homes, and most users consider it a handy tool and an improvement over the basic television sets of …
Google researcher publishes Windows 0-day exploit
Less than two weeks after Google researcher Tavis Ormandy released information about a new Windows zero-day vulnerability on the Full Disclosure mailing list and asked for …
Questioning Google’s disclosure timeline motivations
The presence of 0-day vulnerability exploitation is often a real and considerable threat to the Internet – particularly when very popular consumer-level software is the …
Apache server bug allows remote code execution
The existence of a “moderately critical” Apache HTTP Server vulnerability whose exploitation could allow attackers to compromise the system and execute arbitrary …
Google defines disclosure timeline for actively exploited bugs
The debate regarding responsible vulnerability disclosure and full vulnerability disclosure has been started many times in the past, and it’s an issue that will continue …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments