UPDATE–Oracle, never the most researcher-friendly software vendor, has taken its antagonism to another level after publishing a blog post by CSO Mary Ann Davidson that rails against reverse engineering and saying that the company has no need for researchers to look at Oracle’s code for vulnerabilities because “it’s our job to do that, we are[…]
Browsing Category: Vulnerabilities
Adobe has released a massive update for Flash, the application that has become the Internet’s problem child. The update contains patches for more than 30 vulnerabilities in Flash on Windows, OS X, and Linux. Adobe pushed out the fixes on Tuesday afternoon, the latest in a long series of fixes for Flash in the last[…]
Google has patched a severe Android serialization vulnerability that exposes more than half of devices to takeover.
The Darkhotel APT gang has extended its geographic reach to victims in a host of additional countries, and has added to its cache of zero days with its use of a HackingTeam exploit for a Flash zero-day vulnerability.
Mozilla has released a patch for a vulnerability in Firefox that was discovered when a user found it being actively exploited in the wild.
Researchers at Black Hat found a weak spot in some WSUS configurations that could allow an attacker to compromise any server or desktop in an enterprise.
A device called BEKey which is the size of a quarter and can be installed in 60 seconds on a proximity card reader could potentially be used to break physical access controls in 80 percent of deployments.
Google is changing the way that it updates its Nexus Android phones and will now send out monthly over-the-air updates to users.
Dell SecureWorks researchers today at Black Hat released a new report on Emissary Panda, or TG-3390, a China-sponsored APT gang that has refined the types of data it covets.
A new version of the Rig Exploit Kit is fueling a malware campaign that has already claimed close to one million victims.