vulnerability
![collaboration](https://img.helpnetsecurity.com/wp-content/uploads/2016/07/09111540/collaboration-400x200.jpg)
New LTE attacks can reveal accessed websites, direct victims to malicious sites
Three new attacks against the LTE 4G wireless data communications technology have been pinpointed by researchers from Ruhr-University Bochum and New York University Abu Dhabi. …
![Cisco](https://img.helpnetsecurity.com/wp-content/uploads/2018/04/09101404/cisco-400x200.jpg)
Cisco plugs critical flaws in many switches, security appliances
Cisco has released security updates to address a bucketload of vulnerabilities affecting multiple products, including 24 critical and high-severity flaws found in many of its …
![GnuPG](https://img.helpnetsecurity.com/wp-content/uploads/2016/08/09110936/gnupg-400x200.jpg)
Vulnerability in GnuPG allowed digital signature spoofing for decades
A vulnerability affecting GnuPG has made some of the widely used email encryption software vulnerable to digital signature spoofing for many years. The list of affected …
![Tapplock](https://img.helpnetsecurity.com/wp-content/uploads/2018/06/09100804/lock-1-400x200.jpg)
Researcher hacks smart fingerprint padlock in mere seconds
The Tapplock one “smart” padlock, which received many rave reviews by tech-focused news sites and YouTubers, can be forced to open in under two seconds with a …
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2018/06/09100831/apple-400x200.jpg)
Fooling security tools into believing malicious code was signed by Apple
The way developers of third-party security tools use the Apple code signing API could be exploited by attackers to make malicious code linger undetected on Macs, a security …
![vmware](https://img.helpnetsecurity.com/wp-content/uploads/2018/06/09100820/vmware-400x200.jpg)
VMware plugs RCE hole in remote management agent
VMware has fixed a critical remote code execution vulnerability in VMware AirWatch Agent for Android and Windows Mobile, and is urging users to upgrade to the newest versions …
![Adobe Flash](https://img.helpnetsecurity.com/wp-content/uploads/2016/05/09112505/adobe_flash-400x200.jpg)
Adobe releases fix for actively exploited Flash Player zero-day
If you’re still using Flash Player, it’s time to update it again – and quickly: Adobe has just patched a critical zero day vulnerability (CVE-2018-5002) …
![vunerable ships tracker](https://img.helpnetsecurity.com/wp-content/uploads/2018/06/09100847/vunerable_ships_tracker-400x200.jpg)
Vulnerable ship systems: Many left exposed to hacking
Pen Test Partners’ Ken Munro and his colleagues – some of which are former ship crew members who really understand bridge and propulsion systems – have been …
![Hand](https://img.helpnetsecurity.com/wp-content/uploads/2017/07/09103603/hand-code-400x200.jpg)
Zip Slip vulnerability affects thousands of projects
An arbitrary file overwrite vulnerability that can be exploited by attackers to achieve code execution on a target system affects a myriad of projects and multiple ecosystems, …
![risk](https://img.helpnetsecurity.com/wp-content/uploads/2016/12/09105446/risk-400x200.jpg)
Quantifying cyber exposure: Attackers are racing ahead
Cybercriminals have a median seven-day window of opportunity during which they can exploit a vulnerability to attack their victims, potentially siphoning sensitive data, …
![Intel inside](https://img.helpnetsecurity.com/wp-content/uploads/2018/01/09102256/intel_inside-400x200.jpg)
New Spectre-like flaw found in CPUs using speculative execution
A new flaw that can allow an attacker to obtain access to sensitive information on affected systems has been discovered in modern CPUs. CVE-2018-3639, discovered by …
![editor](https://img.helpnetsecurity.com/wp-content/uploads/2018/03/09101601/editor2-400x200.jpg)
The percentage of open source code in proprietary apps is rising
The number of open source components in the codebase of proprietary applications keeps rising and with it the risk of those apps being compromised by attackers leveraging …
Featured news
Sponsored
Don't miss
- Signatures should become cloud security history
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts