Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Vulnerabilities

CISA, FBI Urge Organizations to Eliminate Path Traversal Vulnerabilities

CISA and the FBI warn of threat actors abusing path traversal software vulnerabilities in attacks targeting critical infrastructure.

Ionut Arghire8 hours ago

Artificial Intelligence

Horizon3.ai Introduces AI-Assisted Service to Prioritize and Patch Vulnerabilities Faster

SaaS-based, AI-assisted penetration service allows proactive defensive action against exploitation of new vulnerabilities.

Kevin Townsend10 hours ago

Mobile & Wireless

Microsoft Warns of ‘Dirty Stream’ Vulnerability in Popular Android Apps

Microsoft has uncovered a new type of attack called Dirty Stream that impacted Android apps with billions of installations.

Eduard Kovacs10 hours ago

Vulnerabilities

1,400 GitLab Servers Impacted by Exploited Vulnerability

CISA says a critical GitLab password reset flaw is being exploited in attacks and roughly 1,400 servers have not been patched.

Ionut Arghire1 day ago

Malware & Threats

Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push

Researchers can earn as much as $450,000 for a single vulnerability report as Google boosts its mobile vulnerability rewards program.

Ionut Arghire2 days ago

Application Security

Adobe Adds Content Credentials and Firefly to Bug Bounty Program

Adobe is providing incentives for bug bounty hackers to report security flaws in its implementation of Content Credentials and Adobe Firefly.

Ionut Arghire2 days ago

Vulnerabilities

ICS-CERT Examines 3 Years of Data to Reveal Common Vulnerabilities for Critical Asset Owners

Lack of formal documentation, event monitoring, and permissions and privileges control, remain common among industrial control system environments, according to the Department of Homeland...

Fahmida Y. RashidApril 4, 2013

Application Security

Real-time Apps Both a Priority and Weakness for Organizations: Study

According a new report from Kaazing, real-time applications are both a curse and a blessing for organizations the world over. Kaazing, the company behind...

Steve RaganMarch 27, 2013

Cyberwarfare

Obama’s Stopgap Spending Bill Blocks Government IT Purchases from China

On Tuesday, President Obama signed the continuing resolution that will keep the government running though the end of the fiscal year – avoiding a...

Steve RaganMarch 27, 2013

Vulnerabilities

Unpatched Java Versions Remain Widely Used: Report

Java exploits have become popular additions to many crimeware kits for good reason. According to Websense, close to 94 percent of endpoints running Oracle...

Brian PrinceMarch 26, 2013

Application Security

Podcast: Dave Aitel on Security Awareness Training, Exploit Sales, Jiu-Jitsu

Ryan NaraineMarch 22, 2013

Vulnerabilities

Cisco Warns of Passwords Hashing Issues on IOS, IOS XE Devices

The password hashing algorithm used in some versions of the Cisco IOS system running on its routers and switches is vulnerable to brute-force attacks,...

Fahmida Y. RashidMarch 21, 2013

Malware & Threats

Security Researchers Publish Java Flaw for Peer Review

Security Explorations, a start-up from Poland credited with the discovery of several Java flaws, has turned one of their discoveries out to the public...

Steve RaganMarch 20, 2013

Mobile & Wireless

Apple Fixes Screen Lock Bypass Bug With iOS 6.1.3 Update

Apple on Tuesday released iOS 6.1.3, the latest software update for iPhone and iPads, which fixes a security flaw that lets anyone with physical...

Mike LennonMarch 19, 2013

Tracking & Law Enforcement

Casino Loses $32 Million After Poker Player Hacks Surveillance Cameras

A casino in Melbourne, Australia is hoping to recuperate their losses, after a high-stakes card player scammed them out of millions of dollars before...

Steve RaganMarch 18, 2013

Black Hat

Huawei 3G and 4G Modems Leave Consumers Exposed, Researcher Says

A Russian security researcher accused China-based Huawei during a Black Hat Europe presentation last week of being slow to address security issues, stating that...

Steve RaganMarch 18, 2013