Public exploits are available for critical ImageMagick vulnerabilities, increasing the risk to websites that use the open source image-processing software.
Browsing Tag: vulnerabilities
The Massachusetts Institute of Technology announced this week that it will launch its own experimental bug bounty program.
Oracle fixed 136 vulnerabilities across 46 different products this week as part of its regularly scheduled Critical Patch Update.
Google determined that Safe Browsing warnings correlate with quicker remediation times, though not as quick as direct contact with webmasters who have registered with Google Search Console.
A Berkeley postdoctoral researcher and former MIT student will soon unveil Space, a static-analysis web-application security tool that can find vulnerabilities in a minute.
Mike Mimoso and Chris Brook recap the news of the week, including the Badlock bust, encryption legislation, and cryptoworm ransomware. Mike also discusses last week’s Infiltrate Con.
In this Threatpost Op-Ed, Katie Moussouris explains the significance of the newly free availability of ISO Standard 29147 Vulnerability disclosure, and why it keeps an important dialogue open between hackers and industry.
Google updated Chrome to version 50.0.2662.75, patching 20 vulnerabilities, including two high-severity bugs that qualified for rewards.
Current versions of IBM SDK 7 and SDK 8 remain vulnerable to a 2013 Java vulnerability. Security Explorations discovered the original patch is broken and disclosed details on the flaw and a proof-of-concept exploit.
CBS recently fixed a vulnerability in its popular Sports application that could have exposed users to man-in-the-middle attacks and inadvertently leaked personal data.