Duo Security acknowledged late last week that it had discovered a vulnerability in its WordPress plugin that could allow a user to bypass two-factor authentication (2FA) on a multisite network.
Browsing Author: Chris Brook
More than 300,000 credentials were posted on the clipboard website Pastebin.com in the year 2013 alone according to a recent analysis by a Swiss security firm.
A new campaign, dubbed Operation SnowMan, was been spotted leveraging a previously unknown zero-day in Internet Explorer 10 after the U.S. Veterans of Foreign Wars’ website was compromised this week.
Netcraft warns users that it has spotted a number of phony SSL digital certificates posing as legitimate Google, Facebook, GoDaddy, YouTube and iTunes certs.
BlackBerry this week released a new set of privacy guidelines its encouraging third-party app developers to follow to better protect their customers.
Facebook has fixed Instagram to remedy a cross-site request forgery (CSRF) vulnerability that could’ve put some photos users thought were private, out in the open.
Adobe has announced it will release a patch for its Shockwave Player today to fix what it deems are critical vulnerabilities in the platform.
A Russian researcher was able to take five low severity OAuth bugs and string them together to create what he calls a “simple but high severity exploit” in Github.
Comcast servers were hacked, yielding a list of the company’s mail servers, passwords and a link to the root file that contains the vulnerability the hackers used.
Google has announced it will retool its bounty program and extend its scope to include all Chrome apps and extensions branded as “by Google.”