Yik Yak, an application that allows users to share purportedly anonymous status updates with others near them, has fixed a critical privacy vulnerability in the iOS version of its app.
Browsing Category: Vulnerabilities
Adobe released security updates for Flash Player, Reader, Acrobat and ColdFusion. The Flash vulnerability is being exploited in the wild, Adobe said.
Researchers at Kaspersky Lab have found two Linux modules connected to the Turla APT campaigns.
The POODLE attack against SSLv3 that researchers from Google revealed earlier this year also affects some implementations of TLS and vendors now are scrambling to release patches for gear affected by the vulnerability. Soon after the POODLE attack was disclosed in October, researchers began looking into whether it might affect protocols other than SSLv3. It quickly[…]
VMware released patches late last week to fix several vulnerabilities, including a cross-site scripting issue, in one of its server virtualization platforms.
A group of security researchers in Poland say they have discovered a long list of vulnerabilities in the Google App Engine, some of which enable an attacker to escape the Java sandbox.
Troels Oerting, head of Europol’s EC3, explains the extreme difficulties law enforcement faces when investigating and prosecuting cybercrime at Georgetown Law’s Cybercrime 2020.
Adobe announced security updates for Reader and Acrobat that likely include patches for a sandbox escape vulnerability. Google’s Project Zero released details and exploit code earlier this week.
Microsoft’s December 2014 advanced Patch Tuesday notification includes three critical bulletins and a missing Exchange patch originally scheduled for November.
There is an easily exploitable remote code execution vulnerability in a popular WordPress plugin that helps manage file downloads and researchers say the bug could be used by even a low-level attacker to run arbitrary code on a vulnerable site.