January 11, 2017
Via: Security WeekSAP on Tuesday released its first set of monthly security patches for 2017, which addresses numerous Cross-Site Scripting (XSS) and Missing Authorization Check issues across its products. The enterprise software giant included 18 Patch Day Security Notes in the January […]
January 5, 2017
Via: InfoworldThe U.S. Federal Trade Commission is scheduled to announce Wednesday a “prize competition” for a tool that can used against security vulnerabilities in internet of things systems. The prize pot is up to $25,000, with $3,000 available for each honorable […]
November 9, 2016
Via: CSO OnlineAdobe Systems has released scheduled security patches for its widely used Flash Player software as well as the Adobe Connect web conferencing platform, which is popular in enterprise environments. The Flash Player security updates fix nine critical vulnerabilities that could […]
November 7, 2016
Via: Help Net SecurityGitLab (the company) has pushed out security updates for both the Community Edition (CE) and Enterprise Edition (EE) of the GitLab software, fixing a critical security flaw in the “import/export project” feature. “This feature did not properly check for symbolic […]
October 27, 2016
Via: Threat PostWeb developers who run the content management system Joomla! are strongly encouraged to update their sites immediately. The company on Tuesday pushed out the most recent version of the CMS, 3.6.4, fixing two critical issues that can lead to account […]
Mobile security, Vulnerabilities
October 26, 2016
Via: Threat PostApple on Monday patched a code execution vulnerability in iOS that could be exploited via a JPEG file crafted to take advantage of the flaw. Apple also issued its first round of patches for macOS Sierra as part of a […]
September 27, 2016
Via: Computer WeeklyApple plans to fix a vunerability in iOS 10 discovered by controversial Russian forensics company Elcomsoft that puts iPhones’ security at risk. Apple added an alternative password verification mechanism to iOS 10, inadvertently weakening the security of local backups, the […]
June 10, 2016
Via: Security WeekTrihedral Engineering, a Canada-based company that specializes in developing software for SCADA systems, has patched several remotely exploitable vulnerabilities in its VTScada product. VTScada, which allows users to develop industrial monitoring and control software, is deployed in North America and […]
May 23, 2016
Via: We Live SecurityIn a recent study, researchers from Google and the universities of Illinois and Michigan dropped nearly 300 USB sticks off at the University of Illinois Urbana-Champaign campus and measured how many of these were plugged into student machines. The findings […]
May 19, 2016
Via: Help Net SecurityBitly processes data associated with more than 12 billion clicks per month, leading to massive troves of intelligence. Now, they’re partnering with Let’s Encrypt to generate SSL certificates for more than 40,000 Bitly branded domains used to create links and […]
May 18, 2016
Via: InfoSecurity LiveAdobe Systems has released a security update for Flash Player in order to fix a publicly known vulnerability, as well as 24 privately reported security flaws. The company issued a warning about the zero-day previously unknown and unpatched . The […]
May 3, 2016
Via: Threat PostPopular collaboration and communication firm Slack rushed to plugged a security hole in its platform Thursday that was leaking some of its users’ private chats and files for anyone to access. Slack, a leading tool used by companies to communicate […]
Application security, Vulnerabilities
March 29, 2016
Via: Security WeekZen Cart on Friday released an updated version of the popular online open source shopping cart application to address multiple Cross-Site Scripting (XSS) vulnerabilities. The security issues were discovered by Trustwave and are said to affect Zen Cart 1.5.4 and […]
February 23, 2016
Via: InfoSecurity LiveTwitter has addressed a privacy bug that exposed email addresses and phone numbers associated with roughly 10,000 user accounts. According to the social media company, the flaw affected its password recovery system for approximately 24 hours last week. Users whose […]
Privacy protection, Vulnerabilities
January 5, 2016
Via: Security WeekComputers and mobile devices might be the main targets for cybercriminals at the moment, but the fast expanding Internet of Things (IoT) market is creating new opportunities for attacks, and Samsung appears determined to prevent that. Last week, the company […]
October 4, 2015
Via: application-security#microsoft has acknowledged that users of its Office for Mac 2016 application suite are encountering frequent crashes and implied that it’s working on a #fix, but offered no timeline for delivering an update. In an emailed #statement, a Microsoft spokeswoman […]
April 22, 2024
April 18, 2024