The Department of Education was told this week that its failed to heed repeated warnings that its systems contain multiple weaknesses.
Browsing Category: Vulnerabilities
LinkedIn fixed a persistent cross site scripting vulnerability in its site this week that could have spread a worm on the service’s help forums.
Carnegie Mellon University implied in a statement that it received a subpoena requesting its research on breaking Tor hidden services, and also implied it was not paid $1 million for the work as alleged by the Tor Project.
A Florida integrator who discovered the Conficker worm lurking in body cameras meant for police use takes Threatpost inside the story, including a frustrating disclosure with a disbelieving manufacturer.
Adobe patched vulnerabilities in ColdFusion, LiveCycle Data Services and Premiere Clip for iOS.
Most applications, including Firefox, are not vulnerable to a pair of memory corruption vulnerabilities patched in the libpng PNG reference library.
Research presented during Black Hat Europe demonstrates how attackers can abuse business applications connected to ICS and SCADA gear.
Spring Social, a popular Java library used for social authentication, patched a risky cross-site request forgery vulnerability.
At PacSec 2015, researchers demonstrated attacks using poisoned barcodes scanned by numerous keyboard wedge barcode scanners to open a shell on a machine and virtually type control commands.
Researchers at Endgame shared how two exploit mitigations could go a long way toward wiping out a nasty class of vulnerabilities.