vulnerability
![Philips health](https://img.helpnetsecurity.com/wp-content/uploads/2018/09/09100309/philips-health-400x200.jpg)
Phillips plugs security flaws in e-Alert tool
Dutch tech company Phillips has fixed several serious security flaws in Philips e-Alert, a tool that helps magnetic resonance imaging (MRI) systems work as intended. About …
![Wireshark](https://img.helpnetsecurity.com/wp-content/uploads/2018/08/09100318/wireshark-400x200.jpg)
Wireshark can be crashed via malicious packet trace files
The Wireshark team has plugged three serious vulnerabilities that could allow an unauthenticated, remote attacker to crash vulnerable installations. According to Cisco …
![Datacaptor Terminal Server](https://img.helpnetsecurity.com/wp-content/uploads/2018/08/09100322/datacaptor-terminal-server-400x200.jpg)
Old “Misfortune Cookie” flaw opens medical gateway and devices to attack
A vulnerability in Qualcomm Life Capsule Datacaptor Terminal Server (DTS) can be easily exploited to allow attackers to execute unauthorized code to obtain administrator-level …
![Wemo](https://img.helpnetsecurity.com/wp-content/uploads/2018/08/09100334/wemo-400x200.jpg)
Hacking smart plugs to enter business networks
McAfee researchers have discovered a buffer overflow flaw in Belkin’s Wemo Insight Smart Plug that can be exploited by attackers to access and interfere with other …
![match](https://img.helpnetsecurity.com/wp-content/uploads/2016/06/09111901/match-400x200.jpg)
Critical Apache Struts flaw opens enterprises to compromise, patch ASAP!
A critical remote code execution vulnerability (CVE-2018-11776) in Apache Struts, the popular open source framework for developing Java-based web apps, could allow remote …
![open lock](https://img.helpnetsecurity.com/wp-content/uploads/2016/04/09113144/open_lock-400x200.jpg)
Networking vendors patch against new cryptographic attack
Vulnerable IPSec IKE implementations used in Cisco, Huawei, ZyXel and Clavister networking devices can allow attackers to retrieve session keys and decrypt connections, …
![gap](https://img.helpnetsecurity.com/wp-content/uploads/2017/01/09105311/gap-400x200.png)
Microsoft ADFS flaw allows attackers to bypass MFA safeguards
A vulnerability (CVE-2018-8340) in Microsoft Active Directory Federation Services (ADFS) allows a second authentication factor for one account to be used for all other …
![smart card](https://img.helpnetsecurity.com/wp-content/uploads/2018/08/09100418/smartcard3-400x200.jpg)
Vulnerabilities in smart card drivers open systems to attackers
Security researcher Eric Sesterhenn of X41 D-SEC GmbH has unearthed a number of vulnerabilities in several smart card drivers, some of which can allow attackers to log into …
![Oracle](https://img.helpnetsecurity.com/wp-content/uploads/2017/04/09104527/oracle-400x200.jpg)
Critical vulnerability in Oracle Database, patch without delay!
Oracle is urging users to patch their Oracle Database installations to plug a critical security issue that can result in complete compromise of the Oracle Database and shell …
![HP faxploit](https://img.helpnetsecurity.com/wp-content/uploads/2018/08/09100422/HP-attack-faxploit-400x200.jpg)
Criminals can compromise company networks by sending malicious faxes
Check Point has revealed details about the two critical remote code execution vulnerabilities (CVE-2018-5924, CVE-2018-5925) it discovered in the communication protocols used …
![mpos](https://img.helpnetsecurity.com/wp-content/uploads/2018/08/09100428/mpos-1600-400x200.jpg)
Vulnerabilities in mPOS devices could lead to fraud and theft
Vulnerabilities in mPOS (mobile point-of-sale) machines could allow malicious merchants to defraud customers and attackers to steal payment card data, Positive Technologies …
![airplane](https://img.helpnetsecurity.com/wp-content/uploads/2016/06/09111910/airplane-400x200.jpg)
IoT malware found hitting airplanes’ SATCOM systems
In 2014, IOActive researchers revealed security vulnerabilities they found in the most widely deployed satellite communications terminals and presented potential scenarios …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?