
Category: Vulnerabilities


Email security, Vulnerabilities

Internal Communications of Many Firms Exposed by Helpdesk Flaws

September 22, 2017

Via: Security Week

The way some companies have set up support systems can expose their internal communications to malicious actors, warned a researcher who used a newly discovered security hole to hack dozens of organizations. Belgium-based bug bounty hunter Inti De Ceukelaire initially […]


Vulnerabilities

Joomla Login Page Flaw Exposes Admin Credentials

September 21, 2017

Via: Security Week

Joomla 3.8 brings more than 300 improvements to the popular content management system (CMS) and patches two vulnerabilities, including one that can be exploited to obtain administrator credentials. Researchers at RIPS Technologies discovered that Joomla versions between 1.5 and 3.7.5 […]


Mobile security, Vulnerabilities

iOS 11 Patches 8 Security Vulnerabilities

September 20, 2017

Via: Security Week

Apple this week announced the availability of 8 security patches for its iPhone 5s and later, iPad Air and later, and iPod touch 6th generation users, released as part of the iOS 11 platform upgrade. The bugs affect 7 platform […]


Malware, Vulnerabilities

Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet

September 14, 2017

Via: Security Intelligence

The IBM X-Force Vulnerability Database (XFDB), which holds over 100,000 publicly disclosed vulnerabilities, is chock-full of insights concerning the cybersecurity threat landscape. Much of the data is publicly available directly on the IBM X-Force Exchange platform and can be accessed […]


Threats & Malware, Vulnerabilities

China to Create Data Repository to Log Cyber Attacks

September 13, 2017

Via: Dark Reading

Telcos, government agencies, Internet companies, and domain-name organizations to file cybersecurity information. China’s Ministry of Industry and Information Technology (MIIT) on Wednesday unveiled a directive that calls on organizations and government agencies to report cyber-attack information into a nationwide data […]


Application security, Vulnerabilities

5.3 billion devices at risk for invisible, infectious Bluetooth attack

September 12, 2017

Via: CSO Online

What spreads through the air, is invisible to users, and requires no user interaction— no clicking, no pairing, no downloading, not even turning on discoverable mode— but could bring the hurt to billions of devices? It’s an attack vector dubbed […]


Mobile security, Vulnerabilities

Google Patches 81 Android Vulnerabilities With September 2017 Updates

September 7, 2017

Via: Security Week

A total of 81 security vulnerabilities have been addressed in this month’s set of security patches for the Android platform. 13 of the flaws were rated Critical severity. The security bulletin has two security patch levels, each focused on addressing […]


Vulnerabilities

465,000 pacemakers vulnerable to hacking need a firmware fix

September 5, 2017

Via: CSO Online

An acquaintance of mine told me he received a notification from his doctor about cybersecurity vulnerabilities in his pacemaker. He’s not alone, considering the FDA issued an alert about security flaws in 465,000 pacemakers which use radio frequency communications and […]


Vulnerabilities

Bugs in Arris Modems Distributed by AT&T Vulnerable to Trivial Attacks

September 1, 2017

Via: Threat Post

Trivially exploitable vulnerabilities have been discovered in several Arris home modems, routers and gateways distributed to consumers and small businesses through AT&T’s U-verse service. It’s unknown yet whether the firmware vulnerabilities were introduced by the OEM or the ISP since […]


Vulnerabilities

FDA Recalls 465K Pacemakers Tied to MedSec Research

September 1, 2017

Via: Threat Post

The United States Federal Drug Administration is recalling 465,000 pacemakers that attackers can gain unauthorized access to issue commands, change settings and maliciously disrupt. Affected are four models manufactured by Abbott Laboratories. According to the FDA, the recalls of affected […]