HackerOne released a free model that assesses an organization’s readiness to accept outside vulnerability reports.
Browsing Category: Web Security
Adobe has released a Flash Player update that addresses 23 critical vulnerabilities in the software, many which can lead to code execution.
As expected, Google formally announced its intent to move away from the stream cipher RC4 and the protocol SSLv3 this week, citing a long history of weaknesses in both.
Private keys used to sign D-Link software were included in open-source firmware published by the company.
Bugzilla users should upgrade to current versions after a privilege escalation vulnerability was reported and patched.
Schneider Electric has published new firmware for its StruxureWare Building Expert building automation system that patches a remotely exploitable vulnerability.
A day after researchers detailed a technique that attackers are using to upload malicious firmware images to Cisco routers, academic researchers say they have scanned the entire IPv4 address space and discovered a total of 79 likely compromised routers. The researchers at the University of Michigan used their Zmap tool, which can scan the Internet in about[…]
Let’s Encrypt hit a major milestone today when its first free and automated cert went live.
WordPress upgraded to 4.3.1, patching a pair of vulnerabilities in the core engine, including a cross-site scripting issue enabled by a vulnerability in shortcodes.
As many researchers expected it would, CoreBot, the credential-stealing malware that first surfaced last month, has added a bevy of new capabilities and reinvented itself as a robust banking Trojan.