Researchers at ERPScan today disclosed details and a proof-of-concept exploit for a SAP GUI remote code execution vulnerability patched last week.
Browsing Author: Michael Mimoso
A severe vulnerability has been disclosed in libpurple, the library used in the development of a number of popular instant messaging clients, including Adium for the macOS platform.
Since January, a number of ransomware families are sharing a common infrastructure with different techniques allowing the malware to hide from detection systems.
A researcher has published a method by which a local admin can hijack any other Windows sessions without the need for credentials.
Researchers at SEC Consult disclosed a command injection vulnerability in Ubiquiti Networks gear for ISPs after a private disclosure to the vendor in November went unresolved.
Security tools that proxy and inspect HTTPS traffic create a blindspot for network administrators trying to determine whether communication between clients and servers is secure.
Two recent fileless malware campaigns targeting financial institutions, government agencies and other enterprises have been linked to the same attack group.
Intel and Microsoft announced bug bounties, paying $30,000 and $15,000 respectively for critical vulnerabilities.
The Department of Justice indicted four individuals, including two Russian FSB officers, for their roles in the Yahoo breach.
JSON libraries using the JWE specification to create, sign and encrypt access tokens have been patched against an attack that allows for the recovery of a private key.