vulnerability
MySQL flaw allows attackers to easily connect to server
A simple but serious MySQL and MariaDB authentication bypass flaw has been revealed by MariaDB security coordinator Sergei Golubchik, and exploits targeting it have already …
Researchers bypass Google’s Android Bouncer
First introduced to the public in February this year, Google’s Bouncer was welcomed as a great addition that aimed to make Google Play more secure for Android users. …
UGNazi attack 4chan, CloudFlare
Visitors to 4chan have recently been automatically redirected to the Twitter account of hacker group UGNazi, and an investigation into the matter revealed that the attack has …
Real-time mobile vulnerability management
Mobilisafe launched its cloud-based Mobile Risk Management (MRM) solution, enabling IT to identify and eliminate the significant risks associated with the …
Microsoft embraces CVRF format for its security bulletins
A year has passed since the Industry Consortium for Advancement of Security on the Internet (ICASI) introduced the first version of the Common Vulnerability Reporting …
Common Vulnerability Reporting Framework updated
The Industry Consortium for Advancement of Security on the Internet (ICASI) announced Common Vulnerability Reporting Framework (CVRF), Version 1.1. Enhancements offer users a …
Most CCTV systems are easily accessible to attackers
The use of CCTV cameras for physical surveillance of all kinds of environments has become so pervasive that most of us don’t give the devices a second thought anymore. …
Kickstarter bug granted access to unlaunched projects
A bug in the private application programming interface (API) of Kickstarter, the popular crowd funding website for creative projects, has exposed details about 70,000 projects …
Apple security update fixes QuickTime vulnerabilities
Apple just released an advisory addressing 17 security flaws in QuickTime Media Player. The update is rated critical as several of the fixed vulnerabilities can be used to …
Adobe backs down, will patch old software for free
Following Adobe’s recent release of Creative Suite 6 and its statement that it will not be patching critical security vulnerabilities in previous versions of the popular …
Fuzz-o-Matic finds critical flaw in OpenSSL
Codenomicon helped identify and a critical flaw in widely-used encryption software. A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1, 1.2 and DTLS can be …
Adobe patches Photoshop, Illustrator, Flash and Shockwave
Adobe released four security bulletins that fix critical vulnerabilities in the following products, for both Windows and Macintosh plaforms: Adobe Illustrator CS 5.5 and …
Featured news
Resources
Don't miss
- Cozy Bear targets EU diplomats with wine-tasting invites (again)
- Funding uncertainty may spell the end of MITRE’s CVE program
- When companies merge, so do their cyber threats
- Strategic AI readiness for cybersecurity: From hype to reality
- Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques