Blog Posts Tagged with "vulnerability"
What You Need to Know about the Recent Apache Struts Vulnerability
November 05, 2018 Added by:Tushar Richabadas
Researchers recently revealed a vulnerability in Apache Struts, a popular type of enterprise software. Active exploit attempts weren’t far behind.
Comments (0)
SAP Cyber Threat Intelligence Report – April 2018
April 19, 2018 Added by:Alexander Polyakov
The April 2018 set of SAP Security Notes consists of 16 patches with the majority of them rated medium.
Comments (0)
SAP Cyber Threat Intelligence Report – August 2017
August 11, 2017 Added by:Alexander Polyakov
The August 2017 set of SAP Security Notes consists of 19 patches with the majority of them rated medium.
Comments (0)
SAP Cyber Threat Intelligence Report – March 2017
March 17, 2017 Added by:Alexander Polyakov
SAP has released the monthly critical patch update for March 2017. This patch update includes 35 SAP Notes (28 SAP Security Patch Day Notes and 7 Support Package Notes).
Comments (0)
SAP Security Notes June 2016 - Review
June 15, 2016 Added by:Alexander Polyakov
SAP's monthly critical patch update for June 2016 closes 21 vulnerabilities in SAP products including 15 SAP Security Patch Day Notes and 6 Support Package Notes.
Comments (0)
The 2015 ICS Cyber Security Conference
September 18, 2015 Added by:Joe Weiss
The 2015 ICS Cyber Security Conference will be October 26-29 at the Georgia Tech Hotel and Conference Center in Atlanta (www.icscybersecurityconference.com ). This will be the 15th in a series that began in 2002. The Conference will have some new twists, but will also stay true to its roots - ICS cyber security and what makes ICS cyber security different. Specifically, there will be....
Comments (0)
Microsoft Patches Critical IE Flaw Exploited in the Wild
August 18, 2015 Added by:Mike Lennon
Microsoft issued an emergency out-of-band update to fix a critical vulnerability (CVE-2015-2502) being actively exploited in the wild and affecting all versions of Internet Explorer from IE 7 through 11.
Comments (0)
Flaws in Secure Messaging App Telegram Expose Chats
February 23, 2015 Added by:Eduard Kovacs
Telegram, the popular cross-platform messaging app said to be built with a focus on speed and security, is plagued by some serious vulnerabilities that can be exploited to gain access to users’ messages, researchers reported on Monday.
Comments (7)
What We Know About Shellshock and Why the Bash Bug Matters
September 26, 2014 Added by:InfosecIsland News
Opinions vary wildly among experts as to the potential impact of the Shellshock vulnerability. What is known—and agreed upon—at this point, is that Shellshock is a very serious vulnerability because it allows remote code execution and gives the attacker full access to the system.
Comments (0)
Hackers Exploited Heartbleed Bug to Steal Patient Data from Community Health Systems
August 19, 2014 Added by:Mike Lennon
TrustedSec, citing sources familiar with the incident, said on Tuesday that the initial attack vector was through the infamous “Heartbleed” vulnerability in OpenSSL which provided the attackers a way in, eventually resulting in the compromise of patient data.
Comments (0)
New IE Zero-Day Used in Attacks Against Defense, Financial Sectors
April 27, 2014 Added by:InfosecIsland News
Researchers from FireEye have discovered a nasty zero-day exploit that bypasses the ASLR and DEP protections in Microsoft Windows and is being used in targeted attacks.
Comments (0)
Apple Fixes iOS SSL Validation Flaw That Enables Man-in-the-Middle Attacks
February 21, 2014 Added by:Mike Lennon
Apple has released iOS 7.0.6 which patches a flaw in iOS that enables a man-in-the-middle attack of encrypted (SSL) connections
Comments (1)
iOS 7 Bug Allows Find My iPhone Feature to be Disabled
February 07, 2014 Added by:Anthony M. Freed
Security researcher Bradley Williams has discovered a flaw in iOS 7 that could allow the disabling of the Find My iPhone feature without having to enter a password, but reports indicate that iOS 7.1 is not susceptible.
Comments (1)
Android VPN Vulnerability Allows Data Interception in Plain Text
January 20, 2014 Added by:Anthony M. Freed
Security researchers at Ben Gurion University in Israel have disclosed the discovery of a vulnerability in Android devices that would allow an attacker to bypass VPN configurations to intercept what are intended to be secure communications.
Comments (0)
Office 365 Vulnerability Allowed Unauthorized Administrator Access
January 19, 2014 Added by:Anthony M. Freed
Security researcher Alan Byrne has disclosed a Cross Site Scripting (XSS) vulnerability in Microsoft Office 365 that would allow an attacker to obtain administrator privileges and access to the Email and SharePoint content across the network, as well as the ability to make configuration changes.
Comments (0)
OWASP Vulnerability Deep Dive: CSRF
October 30, 2013 Added by:Kyle Adams
While OWASP has been around for a long time, and many security experts are aware of their top 10 web vulnerability report, I thought it would be beneficial to elaborate and share a bit more color on each one. This blog series will focus on some of the most common web attack vectors, how they are exploited, some examples, and finally how to prevent the exploit on your own applications.
Comments (0)
- A Call to Structure
- What CEOs Need to Know About the Future of Cybersecurity
- Who’s Responsible for Your Cyber-Security?
- CERT/CC Warns of Vulnerabilities in Marvell Avastar Wireless SoCs
- Mozilla Concerned of Facebook’s Lack of Transparency
- OWASP: What Are the Top 10 Threats and Why Does It Matter?
- Magento Patches Command Execution, Local File Read Flaws
- The Biggest Security Hurdles in Your Business, and How to Overcome Them
- Four Technologies that will Increase Cybersecurity Risk in 2019
- Strategies for Winning the Application Security Vulnerability Arms Race