Browsing Tag: vulnerabilities
Secure smartphone manufacturer Blackphone announced today that it has launched a bug bounty program hosted on the Bugcrowd platform.
Details of a patched privacy vulnerability in MyFitnessPal, a popular fitness and nutrition mobile application, were disclosed this week, three months after a fix was deployed.
Research from the University of Maryland proposes new security metrics that can help enterprises understand risks to their products and prioritize patching and vulnerability management.
The deadline for a syntax change for CVE identifiers is coming on Jan. 13 when the four-digit format will support five or more. Vendors must update vulnerability management products to support the new syntax.
UPDATE–There are several unpatched, remotely exploitable vulnerabilities in a number of Schneider Electric’s SCADA products, one of which could be used to perform a shutdown of the SCADA server. Another of the vulnerabilities is an authentication bypass that could give an attacker access to sensitive data. The vulnerabilities affect a variety of Schneider Electric StruxureWare[...]
FreeBSD patched a vulnerability in the way the OS handles TCP packet processing that could lead to a denial-of-service attack on a server.
A relatively new exploit kit that exploits old versions of Adobe Flash, Reader and, Silverlight has begun to make the rounds.
The United States Air Force is attempting to enhance its cyber situational awareness in order to contend with “increasingly sophisticated” threats to its networks and systems.
The makers of the popular IDA disassembly and debugging tool have fixed more than a dozen security vulnerabilities in a variety of versions. Some of the vulnerabilities are a couple of years old, and patches are provided for versions from 6.1 up through 6.6. IDA is a tool used by malware analysts, security researchers and[...]