A look at 200 zero day vulnerabilities reveals key details on longevity, value and how long it takes to create one after a software vulnerability has been identified.
Browsing Category: Web Security
Apache administrators are urged to immediately upgrade the Struts 2 web application framework to address a remote code execution flaw under public attack.
The latest version of Firefox expands non-secure HTTP warnings, enables SHA-1 deprecation by default, and removes support for NPAPI.
WordPress released version 4.7.3 which patches six vulnerabilities including one that could be chained with the REST API Endpoint vulnerability.
Western Digital NAS owners were warned of critical flaws in the company’s My Cloud line of hardware that opened up data stored on those devices to attack.
A bill that would exclude organizations from prosecution for hacking back is already stirring up some concerns about potential unintended consequences.
A massive spam operation that sent out more than one billion messages a day was exposed by researchers who called the operation “illegal” and a “tangible threat to online privacy and security.”
A unique attack called DNSMessenger uses DNS queries to carry out malicious PowerShell commands on compromised computers.
HackerOne announced a free version of its platform for open source projects.