The OpenSSL Project has released several new versions of the software that fix eight security vulnerabilities, including several certificate issues and a couple of denial-of-service flaws. The patches included in OpenSSL 1.0.0p, 1.0.1k and 0.98zd are not for critical or high-risk vulnerabilities, but they do fix some interesting vulnerabilities. Two of the bugs are rated moderate and the other[…]
Browsing Category: Vulnerabilities
Instead of relying on their own sites to host malware, hackers are using a series of strings of malicious backdoor code on Pastebin sites and calling upon it to execute malware.
Researchers have detected a malvertising campaign running on a pair of sites owned by Huffington Post that is using ads distributed through an AOL ad network. The attack is sending victims through a series of redirects that eventually brings them to a landing page that is running an exploit kit.
A researcher has called out U.K.-based personalized greeting card vendor Moonpig for a 17-month-old vulnerability that puts customer and payment card data at risk.
The CERT Coordination Center at the Software Engineering Institute at Carnegie Mellon University issued three advisories today warning of serious UEFI vulnerabilities.
Bitstamp, a Bitcoin exchange based in the United Kingdom, remains offline this morning following what appears to have been a compromise over the weekend.
The maintainers of the Openwall security enhanced Linux distribution have released a new stable version, which includes fixes for a number of serious vulnerabilities, such as the Shellshock Bash bug and the flaw in SSLv3 that leads to the POODLE attack.
Google’s Project Zero disclosed details of a Windows privilege elevation vulnerability. Google said it reported the to Microsoft but it has yet to be patched.
Researchers warn that since public disclosure of a file-upload vulnerability in the WordPress Symposium plug-in and the availability of proof-of-concept exploit code, scans and exploit attempts are on the rise.
A new year begins at midnight and Threatpost highlights seven things you’re bound to contend with in 2015.