Critical SQLite Flaw Leaves Millions of Apps Vulnerable to Hackers
Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of …
Browsing: Flaws
Scanning for Flaws, Scoring for Security
Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses …
Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack
Microsoft today, on its year-end December Patch Tuesday, released security updates to patch a total 39 vulnerabilities its Windows …
Satan Ransomware Variant Exploits 10 Server-Side Flaws
A new version of ransomware that first surfaced about two years ago is garnering attention for its ability to spread via as many as ten …
Google+ to Shut Down Early After New API Flaw Hits 52.5 Million Users
Google today revealed that Google+ has suffered another massive data breach, forcing the tech giant to shut down its struggling social …
Apple Rolls Out iOS, macOS Updates That Fix Serious Flaws
Today’s topics include Apple fixing passcode and remote code execution flaws in iOS and macOS, and Microsoft open sourcing Windows …
Apple Fixes Passcode, Remote Code Execution Flaws in IOS and macOS
In what is likely to be the final Apple security update for 2018, macOS 10.14.2 and IOS 12.1.1 are now available, fixing multiple flaws …
Kubernetes cloud computing bug could rain data for attackers
Kubernetes, a tool that powers much modern native cloud infrastructure, just got its first big security bug – and it’s a mammoth one. …
Researchers Find First Major Kubernetes Flaw
Security researchers have patched a critical security flaw in popular container orchestration tool Kubernetes which could allow third …
Faster fuzzing ferrets out 42 fresh zero-day flaws
A group of researchers has found 42 zero-day flaws in a range of software tools using a new take on an old concept. The team, from …
GCHQ Reveals Why Some Flaws Are Kept Secret
GCHQ has revealed for the first time how it researches vulnerabilities, claiming sometimes not to inform the vendor if a specific flaw …
Sennheiser Software Flaw Leaves Users Open to Hacking
Sennheiser managed to do. The desktop application for its headsets, called HeadSetup and HeadSetup Pro, included a botched root …
Widely Used Web Conference Service Zoom Patches Critical Flaw
The flaw could have potentially enabled a remote attacker to hijack a web conference and get control of user …
US Postal Service Plugs API Flaw – One Year Later
A vulnerability in a U.S. Postal Service application for tracking mail in real-time would have allowed anyone logged into the service to …
Facebook Boosts Bug Bounty Payouts for Account Takeover Flaws
Facebook has faced multiple challenges over the course of 2018 as it has struggled to deal with inauthentic user behavior, abuse of private …
3 New Code Execution Flaws Discovered in Atlantis Word Processor
This is why you should always think twice before opening innocent looking email attachments, especially word and pdf files. Cybersecurity …
Up to three million kids’ GPS watches can be tracked by parents… and any miscreant: Flaws spill pick-and-choose catalog for perverts
Parents could be unwittingly putting their children’s safety and privacy at risk, thanks to security vulnerabilities in potentially …
7 New Meltdown and Spectre-type CPU Flaws Affect Intel, AMD, ARM CPUs
Disclosed earlier this year, potentially dangerous Meltdown and Spectre vulnerabilities that affected a large family of modern processors …
63 New Flaws (Including 0-Days) Windows Users Need to Patch Now
It’s Patch Tuesday once again…time for another round of security updates for the Windows operating system and other Microsoft products. …
WordPress GDPR compliance plugin hacked
The General Protection Data Regulation (GDPR) is supposed to make companies take extra care with their customers’ personal data. That …
4 Million Shops Installed WooCommerce Plugin RCE Flaw Allows Attacker to Gain WordPress Sites Admin Access
WordPress based E-commerce websites that powered by E-commerce plugin WooCommerce contains Critical Remote code execution vulnerability …
Enterprises Sinking Under 100+ Critical Flaws Per Day
Enterprises are forced to deal with an estimated 100+ critical vulnerabilities each day, with Flash and Microsoft Office accounting for the …
Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain
The encryption system implemented by popular solid-state drives (SSDs) is affected by critical vulnerabilities that could be exploited by a …
Apple Patches Critical iOS, macOS and watchOS Flaws
Today’s topics include Apple patching critical iOS and macOS flaws, and Microsoft releasing a roadmap for Visual Studio 2019 …
Flaws in Popular Self-Encrypting SSDs Let Attackers Decrypt Data
We all have something to hide, something to protect. But if you are also relying on self-encrypting drives for that, then you should read …
Flaws in self-encrypting SSDs let attackers bypass disk encryption
Researchers at Radboud University in the Netherlands have revealed today vulnerabilities in some solid-state drives (SSDs) that allow an …
PortSmash – A New Side Channel Vulnerability in SMT/Hyper-Threading That Allows Attackers To Steal Sensitive Data
Researchers discovered a new critical side-channel vulnerability dubbed PortSmash that can allow attackers to steal from other simultaneous …
PortSmash flaw in Hyper-Threading CPU could allow sensitive data theft
PortSmash side-channel flaw that could be exploited with a timing attack to steal information from other processes running in the same CPU …
New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data
A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to …
BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks
Two vulnerabilities in new Bluetooth chip, dubbed BLEEDINGBIT expose millions of access points and other networking devices to remote …