vulnerability
OAuth flaw allowed researcher full access to any Facebook account
A flaw in Facebook’s OAuth system that allows the communication between applications and users has enabled web application security specialist Nir Goldshlager to gain …
Zendesk hack endangers Tumblr, Twitter and Pinterest users
Popular customer service software provider Zendesk has announced that they have been hacked. “We’ve become aware that a hacker accessed our system this week. As …
IBM shows where vulnerabilities appear in iOS apps
IBM announced security software that helps organizations proactively reduce the security risk to iOS enterprise apps. Clients will be able to build security testing into the …
Oracle, Apple release critical updates for Java
Oracle has released on Tuesday a new Java SE Critical Patch Update. “This Critical Patch Update includes all fixes provided in the Oracle Java SE Critical Patch Update …
BlackBerry Enterprise Server can be compromised due to TIFF-processing vulnerabilities
BlackBerry has released details about two critical vulnerabilities that can allow attackers to access and execute code on systems running BlackBerry Enterprise Server. The …
Facebook employees ambushed by zero-day exploit
Facebook is the latest big company to admit that they have been targeted with a “sophisticated” attack. The attack was triggered when a small number of Facebook …
Uyghur Mac users targeted with spear-phishing emails
Uyghur activists are, once again, targeted with spear-phishing emails whose goal is to set up a backdoor on the victims’ computers. The Uyghurs are a Turkic ethnic …
iOS flaw used to bypass iPhone’s lockscreen
The passcode lock in iPhones running iOS 6.x can be bypassed and anyone can access the photos, address book, make phone calls and send messages and emails from it, and more, …
Mega pays out first batch of bounties, its crypto still intact
Mega, the file hosting service and successor to Megaupload founded by Kim Dotcom, recently instituted a bug bounty program that should help keep the service and its users safe …
Windows and OS X users under attack, update Flash now!
Adobe has pushed out an emergency Flash update that solves two critical vulnerabilities (CVE-2013-0633 and CVE-2013-0634) that are being actively exploited to target Windows …
Microsoft to patch 57 vulnerabilities
The February 2013 Microsoft Patch Tuesday bulletin was released with 12 advisories and is bigger than average, which means security and IT teams will be busier than average. …
Researcher warns about critical flaw in D-Link routers
A security flaw in D-Link’s DIR-300 and DIR-600 routers could allow remote attackers to inject execute arbitrary shell commands via a simple POST request without being …
Featured news
Resources
Don't miss
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance