Researchers at Vectra Networks describe an attack against an inexpensive webcam and how they were able to turn it into a network backdoor.
Browsing Category: Vulnerabilities
Juniper Networks has removed the backdoored Dual_EC DRBG algorithm from its ScreenOS operating system, but new developments show Juniper deployed Dual_EC long after it was known to be backdoored.
General Motors’ new vulnerability disclosure program does not come with a monetary reward, but the automaker promises not to sue researchers looking for flaws in its products and services.
Tuesday’s impending deadline ending security support for Internet Explorer 8, 9 and 10 is putting companies on notices about moving off older versions of the browser.
Developers at WordPress are warning users of the content management system to download and apply the most recent update, pushed yesterday, to address a cross-site scripting vulnerability.
Researchers have demonstrated new collision attacks against SHA-1 and MD5 implementations in TLS, IKE and SSH.
A number of issues exist in the content management system Drupal that could lead to code execution and the theft of database credentials via a man-in-the-middle attack, a researcher warns.
Silent Circle patched a Blackphone vulnerability, closing an open socket that exposed the mobile device’s modem to attack.
Exploit acquisition company Zerodium announced it would pay up to $100,000 for heap isolation mitigation bypasses against Adobe Flash Player.
Researchers at Synacktiv have disclosed a vulnerability in the Cisco Jabber Client for various platforms that exposes devices to man-in-the-middle attacks.