vulnerability
Widely used building access system can be easily compromised
A researcher has discovered several egregious vulnerabilities in the PremiSys IDenticard building access management system, some of which could allow attackers to take control …
Juniper releases barrage of security fixes for security, networking devices
Juniper Networks has released patches for vulnerabilities affecting its networking and security devices running Junos OS, as well as a bucketload of security flaws in the …
Cisco fixes serious DoS flaws in its email security appliances
Cisco has plugged a heap of security holes in many of its products, including two vulnerabilities (one critical) that open its email security appliances to denial of service …
Zerodium offers $2 million for remote iOS jailbreak, $1 million for WhatsApp RCE
Zero-day exploit broker Zerodium has raised again the payouts it offers for most desktops/servers and mobile exploits. A “zero click” iOS remote jailbreak is now …
Warding off security vulnerabilities with centralized data
This is the second article of a series, the first article is available here. File access permissions Having a system that lets you set the proper permissions and prevents …
Attackers increasingly exploiting vulnerabilities to enlarge their IoT botnets
Attackers looking to add IoT devices to their botnets are increasingly adding vulnerability exploitation to their attack arsenal, Netscout researchers warn. Instead on just …
Another API bug spurs Google to ditch consumer Google+ sooner than planned
Google has unearthed another Google+ API bug, which prompted it to accelerate the sunsetting of all Google+APIs and that of the consumer version of Google+. The API bug The …
Critical Kubernetes privilege escalation flaw patched, update ASAP!
A critical privilege escalation vulnerability affecting the popular open source cluster management and container orchestration software Kubernetes has been patched on Monday. …
Vulnerability discovered in safety controller configuration software
Gjoko Krstic, an Applied Risk researcher, has discovered a vulnerability in Pilz PNOZmulti Configurator software that allows a local attacker to read sensitive data in …
Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
Adobe has released a Flash Player update that plugs a critical vulnerability (CVE-2018-15981) that could lead to remote code execution, and is urging users to implement it as …
“Classic” bugs open TP-Link’s SafeStream Gigabit Broadband VPN Router to attack
Cisco Talos researchers have flagged four serious vulnerabilities in TP-Link’s SafeStream Gigabit Broadband VPN Router (TL-R600VPN). All four affect the device’s …
Helping researchers with IoT firmware vulnerability discovery
John Toterhi, a security researcher with IoT security company Finite State, believes that many of the security problems plaguing IoT devices are solvable problems through …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?