vulnerability
Security vulnerabilities in ESPN ScoreCenter mobile app
ESPN ScoreCenter, one of the most popular mobile sports apps on the market, has significant security vulnerabilities that could compromise users’ mobile devices, …
How the security threat landscape will evolve this year
Where 2012 was a period of great innovation amongst cybercriminals and hackers – many of whom keenly develop new and hybridized attack vectors that build on a constantly …
Dangerous remote Linksys 0-day root vulnerability discovered
DefenseCode researchers have uncovered a remote root access vulnerability in the default installation of Linksys routers. They contacted Cisco and shared a detailed …
Microsoft to release seven advisories on Tuesday
The first Microsoft Patch Tuesday of 2013 includes 7 advisories (MS13-001 – MS13-007), two of which are listed as critical because they can be executed remotely. One of …
All Ruby on Rails versions affected by SQL injection flaw
Three new versions of popular open source web application framework Ruby on Rails have been released on Wednesday in order to fix an SQL injection vulnerability that affected …
Vulnerabilities in Java and Adobe to become main targets for cybercriminals
Software vulnerabilities will be the main target of cyber-criminals next year, according to a list of security trends that will dominate in 2013 by PandaLabs. “It is …
Reinvent your security approach
Tasked with ensuring the success of business-changing IT initiatives from mobile and BYOD to virtualization and cloud services, IT security is finding that existing security …
Company’s industrial heating system hacked via backdoor
An FBI memo circulated internally and shared with New Jersey law enforcement this last summer has recently been published and tells of a compromise of the industrial control …
Video: Smart TV 0-day vulnerability
This video by ReVuln demonstrates a 0-day vulnerability in Smart TV, in this case a Samsung TV LED 3D. Smart TV can be used to browse the Internet, use social networks, …
Rapid7 updates vulnerability management solution
Rapid7 announced that the new capabilities of its vulnerability management solution, Nexpose, simplify the challenge of IT security risk management. Nexpose 5.5 introduces new …
Tumblr worm proliferated due to XSS flaw
Yesterday’s worm rampage that left many a Tumblr site “defaced” with a message by Internet troll group GNAA was the result of improper input sanitation. …
Hardcoded account in Samsung printers provides backdoor for attackers
US-CERT has issued an alert warning users of Samsung printers and some Dell printers manufactured by Samsung about the presence of a hardcoded account that could allow remote …
Featured news
Resources
Don't miss
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance