PayPal has rewarded two researchers with bug bounties for the discovery of a Java serialization vulnerability in manager.paypal.com
Browsing Category: Web Security
Cisco has demonstrated an attack against Stack Smashing Protection in Linux systems that is facilitated by a critical vulnerability in MiniUPnP.
Mozilla has patched a number of critical vulnerabilities in Firefox 44 and Firefox Extended Release 38.6, which were released this week.
Amazon’s new Certificate Manager is providing SSL certificates for free to AWS customers but experts warn it’s only a matter of time before they’re exploited.
Magento patched 20 flaws last week, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.
FreeBSD has patched a kernel panic vulnerability is versions compiled to support IPv6 and SCTP.
AMX, a provider of audio-visual conferencing gear used in sensitive government and military locations, has removed a “deliberate” backdoor in one of its central controller system products.
Mike Mimoso and Chris Brook discuss the week in news, including the Linux zero day–how it was patched in Android, Twitter users who are still looking for answers, and bot fraud.
Google has patched Android against a critical Linux kernel vulnerability, and said the number of affected Android devices has been exaggerated.
Metasploit creator HD Moore announced he’s leaving Rapid7 at the end of the month for a new venture capital opportunity.