At the Security Analyst Summit, Mark Dowd described how memory corruption mitigations are successfully driving up exploit development costs.
Browsing Tag: vulnerabilities
Five vulnerabilities exist in Siemens RUGGEDCOM gear; the vendor has made a number of workarounds available, but it’s unknown whether patches will be made available.
The latest Wikileaks dump of Apple hacking tools, the LastPass vulnerabilities, and a new Android security report are discussed.
Researchers at ERPScan today disclosed details and a proof-of-concept exploit for a SAP GUI remote code execution vulnerability patched last week.
A severe vulnerability has been disclosed in libpurple, the library used in the development of a number of popular instant messaging clients, including Adium for the macOS platform.
Mozilla patched a zero day uncovered at Pwn2Own in Firefox in 22 hours on Friday.
Researchers at SEC Consult disclosed a command injection vulnerability in Ubiquiti Networks gear for ISPs after a private disclosure to the vendor in November went unresolved.
Mike Mimoso and Chris Brook discuss the news of the week, including Pwn2Own 2017, Microsoft’s silence around February’s Patch Tuesday, and a nasty SAP bug.
On the first day of Pwn2Own 2017 hackers poked holes in Adobe Reader, Apple Safari, Microsoft Edge, and Ubuntu Linux.
Intel and Microsoft announced bug bounties, paying $30,000 and $15,000 respectively for critical vulnerabilities.