Hackers are exploiting a remote code execution vulnerability in Elasticsearch, according to one researcher who published logs from a honeypot he built showing 8,000 attempts to exploit the bug.
The ruling last week by the Second Circuit Court of Appeals that the NSA’s years-long bulk collection of phone metadata is illegal is a “clear signal” that courts are moving in the direction of striking down some mass surveillance programs, experts say. The decision, issued Thursday, is among the first major rulings to go against[…]
Dennis Fisher and Mike Mimoso talk about the end of the Patch Tuesday era for most Microsoft customers, the appeals court ruling on Section 215 metadata collection and Dennis’s idea for a security industry commission.
Zscaler has discovered a number of WordPress sites that have been backdoored and sending credentials to a hacker-controlled website.
There is a stack buffer overflow in a Rockwell Automation application that’s used to enable communications in industrial control applications used in manufacturing, energy, water,and other environments. The vulnerability is in the RSLinx Classic product and it can be used to crash the application or run arbitrary code. However, the bug is not exploitable remotely[…]
Adobe released pre-notification of security updates coming next week for its Reader and Acrobat products. The updates will address critical vulnerabilities in both products, Adobe said.
Researchers in Europe have published research examining weak, homegrown cryptography used in the Open Smart Grid Protocol.
Cisco has patched a critical input validation vulnerability in its UCS Central software.
Two vulnerabilities in two different WordPress plugins – an Arbitrary Variable Overwrite vulnerability in eShop, and an XSS vulnerability in Jetpack – were identified this week.
The United States Court of Appeals for the Second Circuit ruled Thursday that the Patriot Act does not authorize the bulk collection of phone records by the NSA. The ruling undermines the key foundation upon which the federal government’s phone metadata surveillance program is built, Section 215 of the Patriot Act. That program was the[…]