SAP closes critical vulnerability affecting TREX
SAP closed a critical vulnerability for an issue that was exposed for almost two years. The vulnerability (SAP Security Note 2419592) affects TREX, a SAP NetWeaver standalone …
Attackers can steal smartphone users’ PINs by tapping into data collected by mobile sensors
Researchers have demonstrated that a malicious website or app could work out smartphone users’ PINs or passwords based just on the data collected by various motion …
CLDAP reflection attacks generate up to 24 Gbps of traffic
Akamai researchers Jose Arteaga and Wilber Majia have identified a new Connection-less Lightweight Directory Access Protocol (CLDAP) reflection and amplification method. CLDAP …
Ewind Android adware is actually a full-fledged Trojan
Palo Alto Networks researchers have analyzed a string of legitimate-looking Android apps and have discovered that the adware included in them has the potential to do much more …
Mobile payment card cloning: Understanding the risks
Mobile contactless payments have grown exponentially and Host Card Emulation (HCE) – the possibility to emulate payment cards on a mobile device, without dependency on special …
Cybersecurity: To automate or not to automate?
There are seven vital automated IT security applications that will function as the stepping stones necessary to advance cybersecurity in the new world of artificial …
Hacking tools in Vault 7 data dump linked to prolific cyber espionage group
While security researchers and companies go through the collection of hacking tools contained in the data dump that the Shadow Brokers failed to sell, Symantec has tied …
Similarities in partial fingerprints may trick biometric security systems
No two people are believed to have identical fingerprints, but researchers at the New York University Tandon School of Engineering and Michigan State University College of …
How fraudsters stole millions with the help of a legitimate online tool
Identity thieves have managed to steal $30 million from the US Internal Revenue Service by taking advantage of an online tool designed to help students fill out financial aid …
MS Office zero-day is used to infect millions of users with Dridex
The still unpatched MS Office zero-day vulnerability publicized by McAfee and FireEye researchers this weekend is being exploited to deliver the infamous Dridex banking …
Exploit revealed for remote root access vulnerability affecting many router models
Back in January 2013, researchers from application security services firm DefenseCode unearthed a remote root access vulnerability in the default installation of some Cisco …
Network teams spend more time on data security amidst new threats
Enterprise network teams are expending more time and resources than ever before to battle security threats, according to Viavi Solutions, who surveyed 1,035 CIOs, IT …
Featured news
Resources
Don't miss
- Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)
- Where policy meets profit: Navigating the new frontier of defense tech startups
- Four arrested in connection with M&S, Co-op ransomware attacks
- Ruckus network management solutions riddled with unpatched vulnerabilities
- What EU’s PQC roadmap means on the ground