Browsing Category: Vulnerabilities

lock screenshot

Browser Vendors Move to Disable SSLv3 in Wake of POODLE Attack

With details of the new POODLE attack on SSLv3 now public, browser vendors are in the process of planning how they’re going to address the issue in their products in a way that doesn’t break the Internet for millions of users but still provides protection.

Read more...

java_sandbox

Java Reflection API Woes Resurface in Latest Oracle Patches

Oracle’s Critical Patch update addresses 154 vulnerabilities, many of which are remotely exploitable. Security Explorations of Poland, meanwhile, published details on a number of Java flaws in the Java Reflection API.

Read more...

ones and zeroes

New POODLE SSL 3.0 Attack Exploits Protocol Fallback Issue

A new attack on the SSLv3 protocol, disclosed Tuesday, takes advantage of an issue with the protocol that enables a network attacker to recover the plaintext communications of a victim.

Read more...

patch tuesday

Fixes for IE, Flash Player in October Patch Tuesday Release

Microsoft posted eight bulletins for Patch Tuesday, three of which are considered critical including a cumulative Internet Explorer update, while Adobe has fixes for Flash Player and ColdFusion.

Read more...

blackberry 10

BlackBerry 10 Devices Open to Bug That Allows Malicious App Installation

BlackBerry has patched a vulnerability in its BlackBerry 10 devices that could allow an attacker to intercept users’ traffic to and from the BlackBerry World app store and potentially install malware on a targeted device. The vulnerability is a weakness in the integrity checking system that BlackBerry uses to verify the apps that users download.[...]

Read more...

sand worm

Sandworm APT Team Found Using Windows Zero Day Vulnerability

A cyberespionage team, possibly based in Russia, has been using a Windows zero day vulnerability to target a variety of organizations in several countries, including the United States, Poland, Ukraine and western Europe.

Read more...

SAP-patches

SAP Patches Seven Vulnerabilities in Three Products

SAP recently pushed out patches to address seven vulnerabilities in three different lines of software that could have opened those running the systems up to complete compromise.

Read more...