vulnerability
Exploitation of vulnerabilities in Moxa industrial switches could disrupt communication between ICS components
Positive Technologies experts Ivan Boyko, Vyacheslav Moskvin, and Sergey Fedonin have discovered multiple vulnerabilities in Moxa industrial switches in the EDS-405A, …
The reality of container escapes
In this Help Net Security podcast recorded at RSA Conference 2019, Brandon Edwards, Chief Scientist at Capsule8, talks about container escapes. Here’s a transcript of the …
Researchers create system that predicts vulnerability severity from tweets
To what extent do users’ opinions about threat severity expressed online align with expert judgments and can these opinions provide an early indicator to help prioritize …
Zero-day Chrome/Windows combo actively exploited in the wild
We now know why a number of Googlers made a point to urge users to implement the latest Chrome update as soon as possible: the vulnerability (CVE-2019-5786) is definitely …
Windows Servers in danger of being compromised via WDS bug
Checkpoint has released more details about CVE-2018-8476, a critical remote code execution vulnerability affecting all Windows Servers since 2008 SP2. The bug was responsibly …
A third of 2018’s vulnerabilities have public exploits, 50% can be exploited remotely
Over 22,000 new vulnerabilities were disclosed during 2018, according to Risk Based Security’s 2018 Year End Vulnerability QuickView Report. While approximately 33% of …
Researchers and businesses need to work together to expose IoT vulnerabilities
As the Internet of Things (IoT) grows and smart devices gain popularity, cybercriminals will continue to find new ways to exploit all connected things. Two new vulnerabilities …
Researchers eavesdrop on DNA synthesizer to steal genetic blueprint
Researchers from the University of California, Irvine (UCI) and the University of California, Riverside (UCR) have uncovered the possibility of an acoustic side-channel attack …
PDF viewers, online validation services vulnerable to digital signature spoofing attacks
Academics from Ruhr University Bochum have proven that the majority of popular PDF viewer apps and online digital signature validation services can be tricked into validating …
Cisco fixes risky flaws in HyperFlex and Prime infrastructure
Cisco has released another batch of fixes for many of its products, including HyperFlex, Prime infrastructure, WebEx, and Firepower devices. Fixed HyperFlex bugs Five of the …
Highly critical Drupal RCE flaw could lead to new Drupalgeddon, patch now!
A new Drupalgeddon might be brewing: a highly critical vulnerability affecting all versions of the popular content management framework could allow hackers to take over …
500 million WinRAR users open to compromise via a 19-year-old flaw
A vulnerability affecting all versions of WinRAR, the popular file archiver utility for Windows, could be exploited by attackers to deliver malware via specially crafted ACE …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?