The makers of the popular IDA disassembly and debugging tool have fixed more than a dozen security vulnerabilities in a variety of versions. Some of the vulnerabilities are a couple of years old, and patches are provided for versions from 6.1 up through 6.6. IDA is a tool used by malware analysts, security researchers and[…]
Browsing Tag: vulnerabilities
Four different remotely exploitable vulnerabilities were recently discovered and patched in a popular SCADA server.
Some older versions of Apache Tomcat, the company’s open source web server and servlet container, are vulnerable to remote code execution.
Researchers from the University of New Haven have taken to Youtube this week to publicize vulnerabilities in a dozen Android apps, including Instagram, Vine and OKCupid.
Adobe announced security updates and a new version of Flash Player for Windows, Mac and Linux; the company also announced it was postponing a scheduled update for Reader and Acrobat.
In the days and weeks following the public disclosure of the OpenSSL Heartbleed vulnerability in April, security researchers and others wondered aloud whether there were some organizations–perhaps the NSA–that had known about the bug for some time and had been using it for targeted attacks. A definitive answer to that question may never come, but[…]
A handful of bugs, mostly XSS and CSRF vulnerabilities, have been plaguing at least eight different WordPress plugins as of late.
Mozilla has released Firefox 32, the latest version of its browser, which now supports public-key pinning and also includes fixes for several critical security vulnerabilities. The move to support public-key pinning is an important one for Firefox, as it helps protect users against man-in-the-middle attacks that rely on forged certificates. The feature binds a set[…]
The 2014 IBM X-Force Threat Intelligence Quarterly takes a look back at Heartbleed and how organizations were affected by it.
Google has fixed 50 security vulnerabilities in its Chrome browser, including a critical string of bugs that can allow an attacker to execute arbitrary code outside of the browser’s sandbox. This is one of the larger batches of fixes that Google has produced for Chrome recently. The company releases frequent updates for the browser and often[…]