Blog Posts Tagged with "vulnerability"
For Cybersecurity, It’s That Time of the Year Again
October 17, 2019 Added by:Assaf Harel
It’s a race against time and a reactive security approach that waits for a vulnerability to be discovered and then issues patches is lacking, to put it lightly.
Comments (0)
Top Three Cross-Site Scripting Attacks You Need to Know Now
July 31, 2019 Added by:Johnny Rice
Cross-Site scripting or XSS is and will remain to be a major pain for anyone trying to create a secure web application for their end-users.
Comments (0)
What You Need to Know about the Recent Apache Struts Vulnerability
November 05, 2018 Added by:Tushar Richabadas
Researchers recently revealed a vulnerability in Apache Struts, a popular type of enterprise software. Active exploit attempts weren’t far behind.
Comments (0)
SAP Cyber Threat Intelligence Report – April 2018
April 19, 2018 Added by:Alexander Polyakov
The April 2018 set of SAP Security Notes consists of 16 patches with the majority of them rated medium.
Comments (0)
SAP Cyber Threat Intelligence Report – August 2017
August 11, 2017 Added by:Alexander Polyakov
The August 2017 set of SAP Security Notes consists of 19 patches with the majority of them rated medium.
Comments (0)
SAP Cyber Threat Intelligence Report – March 2017
March 17, 2017 Added by:Alexander Polyakov
SAP has released the monthly critical patch update for March 2017. This patch update includes 35 SAP Notes (28 SAP Security Patch Day Notes and 7 Support Package Notes).
Comments (0)
SAP Security Notes June 2016 - Review
June 15, 2016 Added by:Alexander Polyakov
SAP's monthly critical patch update for June 2016 closes 21 vulnerabilities in SAP products including 15 SAP Security Patch Day Notes and 6 Support Package Notes.
Comments (0)
The 2015 ICS Cyber Security Conference
September 18, 2015 Added by:Joe Weiss
The 2015 ICS Cyber Security Conference will be October 26-29 at the Georgia Tech Hotel and Conference Center in Atlanta (www.icscybersecurityconference.com ). This will be the 15th in a series that began in 2002. The Conference will have some new twists, but will also stay true to its roots - ICS cyber security and what makes ICS cyber security different. Specifically, there will be....
Comments (0)
Microsoft Patches Critical IE Flaw Exploited in the Wild
August 18, 2015 Added by:Mike Lennon
Microsoft issued an emergency out-of-band update to fix a critical vulnerability (CVE-2015-2502) being actively exploited in the wild and affecting all versions of Internet Explorer from IE 7 through 11.
Comments (0)
Flaws in Secure Messaging App Telegram Expose Chats
February 23, 2015 Added by:Eduard Kovacs
Telegram, the popular cross-platform messaging app said to be built with a focus on speed and security, is plagued by some serious vulnerabilities that can be exploited to gain access to users’ messages, researchers reported on Monday.
Comments (7)
What We Know About Shellshock and Why the Bash Bug Matters
September 26, 2014 Added by:InfosecIsland News
Opinions vary wildly among experts as to the potential impact of the Shellshock vulnerability. What is known—and agreed upon—at this point, is that Shellshock is a very serious vulnerability because it allows remote code execution and gives the attacker full access to the system.
Comments (0)
Hackers Exploited Heartbleed Bug to Steal Patient Data from Community Health Systems
August 19, 2014 Added by:Mike Lennon
TrustedSec, citing sources familiar with the incident, said on Tuesday that the initial attack vector was through the infamous “Heartbleed” vulnerability in OpenSSL which provided the attackers a way in, eventually resulting in the compromise of patient data.
Comments (0)
New IE Zero-Day Used in Attacks Against Defense, Financial Sectors
April 27, 2014 Added by:InfosecIsland News
Researchers from FireEye have discovered a nasty zero-day exploit that bypasses the ASLR and DEP protections in Microsoft Windows and is being used in targeted attacks.
Comments (0)
Apple Fixes iOS SSL Validation Flaw That Enables Man-in-the-Middle Attacks
February 21, 2014 Added by:Mike Lennon
Apple has released iOS 7.0.6 which patches a flaw in iOS that enables a man-in-the-middle attack of encrypted (SSL) connections
Comments (1)
iOS 7 Bug Allows Find My iPhone Feature to be Disabled
February 07, 2014 Added by:Anthony M. Freed
Security researcher Bradley Williams has discovered a flaw in iOS 7 that could allow the disabling of the Find My iPhone feature without having to enter a password, but reports indicate that iOS 7.1 is not susceptible.
Comments (1)
Android VPN Vulnerability Allows Data Interception in Plain Text
January 20, 2014 Added by:Anthony M. Freed
Security researchers at Ben Gurion University in Israel have disclosed the discovery of a vulnerability in Android devices that would allow an attacker to bypass VPN configurations to intercept what are intended to be secure communications.
Comments (0)
- Hackers Target Online Gambling Sites
- When Data Is Currency, Who’s Responsible for Its Security?
- SEC Shares Cybersecurity and Resiliency Observations
- What Does Being Data-Centric Actually Look Like?
- The Big 3: Top Domain-Based Attack Tactics Threatening Organizations
- Security Compass Receives Funding for Product Development and Expansion
- Password Shaming Isn’t Productive – Passwords Are Scary Business
- Five Key Cyber-Attack Trends for This Year
- 20/20 Vision on 2020's Network Security Challenges
- Is Cybersecurity Getting Too Complex?