Vulnerabilities

Critical Bug Impacts Live555 Media Streaming Libraries

A critical streaming bug impacts Live Networks LIVE555 RTSPServer, but not the popular VLC and MPLayer client-side software.

Two Critical RCE Bugs Patched in Drupal 7 and 8

Drupal’s advisory also included three patches for “moderately critical” bugs.

AWS FreeRTOS Bugs Allow Compromise of IoT Devices

The bugs let hackers crash IoT devices, leak their information, and completely take them over.

Trivial Post-Intrusion Attack Exploits Windows RID

by Lindsey O'Donnell

October 19, 2018

Simple technique enables attackers to leverage Windows OS component to maintain stealth and persistence post system compromise.

Oracle Fixes 301 Flaws in October Critical Patch Update

by Lindsey O'Donnell

October 17, 2018

The update includes one critical flaw in Oracle GoldenGate with a CVSS 3.0 score of 10.0.

libssh Authentication Bypass Makes it Trivial to Pwn Rafts of Servers

by Tara Seals

October 17, 2018

The flaw affects thousands of servers; but GitHub, a major libssh user, is unaffected.

Multiple D-Link Routers Open to Complete Takeover with Simple Attack

by Tara Seals

October 17, 2018

The vendor only plans to patch two of the eight impacted devices, according to a researcher.

On Heels of Criticism, Newly-Released Google Chrome 70 Prioritizes Privacy

by Lindsey O'Donnell

October 17, 2018

The update also features 23 security fixes.

Remote Code Implantation Flaw Found in Medtronic Cardiac Programmers

by Tara Seals

October 17, 2018

The flaw impacted patients with pacemakers, implantable defibrillators, cardiac resynchronization devices and insertable cardiac monitors.

As End of Life Nears, More Than Half of Websites Still Use PHP V5

by Lindsey O'Donnell

October 16, 2018

Support for PHP 5.6 drops on December 31 – but a recent report found that almost 62 percent of websites are still using version 5.

The first stop for security news | Threatpost

Vulnerabilities

Critical Bug Impacts Live555 Media Streaming Libraries

Two Critical RCE Bugs Patched in Drupal 7 and 8

AWS FreeRTOS Bugs Allow Compromise of IoT Devices

Trivial Post-Intrusion Attack Exploits Windows RID

Oracle Fixes 301 Flaws in October Critical Patch Update

libssh Authentication Bypass Makes it Trivial to Pwn Rafts of Servers

Multiple D-Link Routers Open to Complete Takeover with Simple Attack

On Heels of Criticism, Newly-Released Google Chrome 70 Prioritizes Privacy

Remote Code Implantation Flaw Found in Medtronic Cardiac Programmers

As End of Life Nears, More Than Half of Websites Still Use PHP V5

Editor's Picks

Facebook Expands Efforts to Squash Voter Suppression

Up to 35 Million 2018 Voter Records For Sale on Hacking Forum

NotPetya Linked to Industroyer Attack on Ukraine Energy Grid

Facebook Offers Details on ‘View As’ Breach, Revises Numbers

Microsoft Zero-Day Patch for JET Bug Incomplete, Claims Firm

The first stop for security news | Threatpost

Topics

Authors

Threatpost

Subscribe to our Threatpost Today newsletter

Vulnerabilities

Editor's Picks

Subscribe to Threatpost Today

Subscribe to our newsletter, Threatpost Today!

The first stop for security news | Threatpost

Topics

Authors

Threatpost

**Subscribe to our Threatpost Today newsletter**