Researchers at Duo Security are expected today at Ekoparty to reveal data and a paper that shows Mac users are not receiving EFI firmware updates at expected.
Browsing Tag: vulnerabilities
Google’s Project Zero released a proof-of-concept attack against a Wi-Fi firmware vulnerability in Broadcom chips that backdoors the iPhone 7. The flaw was patched in iOS 11.
IOActive analyzed 21 mobile stock trading platforms and found vulnerabilities that put transactions and personal information at risk. Of the 13 firms notified, only two acknowledged the disclosure.
The U.S. Securities and Exchange Commission said this week that hackers managed to infiltrate one of its systems last year, something that likely facilitated insider trading.
Samba released three security updates, including two related to SMB connections that could be abused by an attacker already on the network to hijack connections and manipulate traffic or data sent from a client.
Joomla on Tuesday patched a critical LDAP injection vulnerability that had lingered in the content management system for eight years. Attackers could use this bug to steal admin login credentials.
The risks surrounding the latest Apache bug, called Optionsbleed, are limited given it can only be attacked under certain conditions. Apache, and many Linux distributions, have patched the flaw.
Users who run four different types of VMware products, ESXi, vCenter Server, Fusion and Workstation, are being encouraged to update to address a series of vulnerabilities, one critical.
Trivially exploitable vulnerabilities in several Arris home modems, routers and gateways distributed to consumers and small businesses through AT&T’s U-verse service have been discovered.
Automattic has patched a reflected cross-site scripting vulnerability in the WooCommerce WordPress plugin.