The GnuTLS bug is being joined at the hip to the recent Apple goto fail bug, but experts hoping to stem off confusion say the two vulnerabilities are different despite having the same consequences.
Browsing Tag: vulnerabilities
Security researchers have been investing in developing exploits for Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), but hints are surfacing that hackers are taking notice too.
A critical vulnerability in GnuTLS, a popular open source crypto library, puts hundreds of software packages including popular Linux distribution at risk.
More than 300,000 home and small office routers were compromised in large-scale attacks that altered DNS configurations and redirected traffic to attacker-controlled sites.
Schneider Electric Mitigates Vulnerabilities in OPC Factory Server and Floating License Manager Products
ICS-CERT posted a pair of advisories for Schneider Electric SCADA and industrial control system equipment that could allow an attacker to execute malicious programs.
Oracle’s Demantra is fraught with vulnerabilities that could allow an attacker to extract sensitive information, carry out phishing attacks, and modify content within the application, among other attacks.
Researchers at Bromium Labs are expected to deliver a paper today that explains how they were able to bypass all of the memory protection mitigations in Microsoft’s Enhanced Mitigation Experience Toolkit
Developers with popular dating application Tinder have fixed a vulnerability that up until last year could have allowed users to track other users.
Google Chrome 33 is out, and the new version of the browser includes fixes for 28 security vulnerabilities, including a number of high-severity bugs. The company paid out more than $13,000 in rewards to researchers who reported vulnerabilities that were fixed in this release. One of the high-priority vulnerabilities Google patched in Chrome 33 is[...]
Adobe released an out-of-band patch for its Flash Player that corrects a zero-day vulnerability being exploited in the wild in watering hole attacks against defense and public policy websites.