Mike Mimoso and Chris Brook discuss the news of the week: The latest Xen vulnerability, CISA passing the Senate, a researcher challenging that Weak DH paper, and more.
Xen patched a seven-year-old vulnerability that allows an attacker to escape a guest virtual machine and attack the host operating system.
Web hosting service 000webhost told customers that 13.5 customer usernames, plaintext passwords, email addresses, IP addresses, and names were exposed in a breach.
Rockwell Automation has patched a handful of vulnerabilities in its Allen-Bradley MicroLogix programmable logic controllers
A researcher challenges a conclusion in a recent academic paper on weak Diffie-Hellman implementations that claims 66 percent of IPsec VPN connections are at risk.
Members of the Senate voted overwhelmingly Tuesday to pass a version of the Cybersecurity Information Sharing Act, a bill that many opposed argue will lead to continued pervasive government spying.
Mike Mimoso talks to Cigital’s Gary McGraw about software security and analysis from the sixth version of the Building Security in Maturity Model report.
Car hacking and phone jailbreaking were made exempt from restrictions in the DCMA.
Attackers have been carrying out attacks on sites running old, unpatched versions of Joomla following the disclosure of a critical SQL injection vulnerability in the software last week
Adobe updated its Shockwave Player, patching a critical memory corruption vulnerability in the software.