There is a vulnerability buried deep in the firmware of many Apple laptops that could allow an attacker to overwrite the machine’s BIOS and install a rootkit, gaining complete control of the Mac. The vulnerability lies in the UEFI system on some older MacBooks, and researcher Pedro Vilaca discovered that after a MacBook is put to[…]
Browsing Category: Vulnerabilities
A poor crypto implementation in the Blockchain Android app results in lost Bitcoin for a number of affected users.
A dozen vulnerabilities, including three critical architectural issues, in PeopleSoft implementations were discussed this week at Hack in the Box, putting ERP security in the spotlight.
Apple announced that it will block out of date versions of Flash Player after a major update to the Adobe software two weeks ago.
Human machine interface software from Rockwell Automation has been patched, protecting users from a vulnerability in the way stored passwords are protected.
Influential security researchers have begun publishing their comments, objections and concerns regarding the proposed U.S. export control rules under the Wassenaar Arrangement.
Researchers from Core Security were able to exploit a security vulnerability in Windows’ group policy — MS15-011 — that was patched by Microsoft in February.
French researcher Kafeine has found an exploit kit delivering cross-site request forgery attacks that focus on SOHO routers and changing DNS settings to redirect to malicious sites.
There is a vulnerability in some versions of Synology’s Cloud Station client for OS X that can enable any user to take over system files and gain complete control of the machine. Cloud Station is a system that allows users to sync files across a number of devices. The system saves changes to files on[…]
Email security vendor Sendio has patched a pair of remotely exploitable security bypass vulnerabilities in its Sendio ESP, or Email Security Platform, product.