There’s a serious security vulnerability in the Belkin N150 wireless router that can enable a remote, unauthenticated attacker to read any system file on a vulnerable router. The bug is a directory traversal vulnerability and the CERT/CC advisory says that all versions of the router that are running firmware up to and including firmware version[...]
Browsing Category: Vulnerabilities
Geohot’s latest Android rooting tool relies on a privilege root access, escalation vulnerability affecting the majority of commercial Android builds.
Banker Trojans have proven to be reliable and effective tools for attackers interested in quietly stealing large amounts of money from unwitting victims. Zeus, Carberp and many others have made piles of money for their creators and the attackers who use them, and researchers have been looking at a newer banker Trojan that has the[...]
Qualys director of engineering Ivan Ristic published data that indicates about half of servers running OpenSSL are vulnerable to CVE-2014-0224.
A critical, remotely exploitable bug in some BIND domain name system (DNS) servers could cause a denial of service situation and trigger them to crash.
Ever since the Zeus source code leaked in late 2010, criminals have been creating highly customized, difficult-to-detect versions of it that target very specific services.
An Austrian teen at the center of yesterday’s TweetDeck security incident explains how things went wrong and what the last 24 hours have been like.
While the group of vulnerabilities that the OpenSSL Project patched last week hasn’t grown into the kind of mess that the Heartbleed flaw did, the vulnerabilities still affect a huge range of products.
TweetDeck said it temporarily has taken down its services after cross-site scripting exploit code circulated today.
Google patched a vulnerability that a researcher was able to exploit in order to collect every Gmail address.