Articles about vulnerabilities

Now this might be going out on a limb, but here's how a branch.io bug left '685 million' netizens open to website hacks

Bug-hunters have told how they uncovered a significant security flaw that affected the likes of Tinder, Yelp, Shopify, and Western Union – and potentially hundreds of millions of folks using these sites and apps. The software sniffers said they first came across the exploitable programming blunder while digging into webpage …
Shaun Nichols, 12 Oct 2018
perplexed woman on phone

Rap for WhatsApp chat app chaps in phone-to-pwn security nap flap

WhatsApp has patched a vulnerability it its smartphone code that could have been exploited by miscreants to crash victims' chat app simply by placing a call. Google Project Zero whizkid and Tamagotchi whisperer Natalie Silvanovich discovered and reported the flaw, a memory heap overflow issue, directly to WhatsApp in August. …
Shaun Nichols, 9 Oct 2018

'I am admin' bug turns WD's My Cloud boxes into Everyone's Cloud

Miscreants can potentially gain admin-level control over Western Digital's My Cloud gear via an HTTP request over the network or internet. Researchers at infosec shop Securify revealed today the vulnerability, designated CVE-2018-17153, which allows an unauthenticated attacker with network access to the device to bypass …
Shaun Nichols, 18 Sep 2018
mountain

Docker fave Alpine Linux suffers bug miscreants can exploit to poison containers

An infosec bod has documented a remote-code execution flaw in Alpine Linux, a distro that pops up a lot in Docker containers. Max Justicz, researcher and creator of crowd-sourced bug bounty system Bountygraph, said on Thursday that the vulnerability could be exploited by someone with man-in-the-middle (MITM) network access, or …
Shaun Nichols, 15 Sep 2018

When is a patch not a patch? When it's for this McAfee password bug

A privilege escalation flaw in McAfee's True Key software remains open to exploitation despite multiple attempts to patch it. This according to researchers with security shop Exodus Intel, who claim that CVE-2018-6661 was not fully addressed with either of the two patches McAfee released for it. The flaw is an elevation of …
Shaun Nichols, 11 Sep 2018
shutterstock_gold

Want a $200k TIP? ZDI sticks bounties on bugs in big-name server code

A bunch of new bug bounty rewards are up for grabs from the Zero Day Initiative, in a first-come, best-dressed program kicking off on August 1. The Trend Micro-backed operation announced on July 24 what it called the Targeted Incentive Program (TIP). Besides the mention of Microsoft Windows Server 2016, the TIP focuses paying …

Telco IT admins on red alert as Cisco flings out patches for security holes in policy toolkit

Cisco has emitted 25 product security advisories – with four critical bugs flattened in its service provider-oriented Cisco Policy Suite. The suite’s Policy Builder toolkit can be exploited by an unauthenticated remote attacker to gain access to its policy interface, due to an authentication bug (CVE-2018-0376). The switch …
plasters cover arm. photo by shutterstock

Huawei enterprise comms kit has a TLS crypto bug

Huawei has rolled patches to various enterprise and broadcast products to fix a cryptography bug. In late 2017 (inferred from the bug's Common Vulnerabilities and Exposures entry, CVE-2017-17174, which was reserved in December), the company discovered some products had an insecure encryption algorithm. The flaw could allow a …
Fabric bolts photo via Shutterstock

Cisco passes around antidotes to noxious NX-OS code execution bugs

Get your ticket to the Cisco catwalk, sysadmins, and watch Switchzilla strut 24 FXOS and NX-OS software security advisories. Five advisories in the June 2018 Cisco FXOS and NX-OS Software Security Advisory Collection are dressed in a luscious, Critical-rated red, while the remaining 19 merely hit the High. Four of the …
Cats eyes behind a zip

Loose .zips sink chips: How poisoned archives can hack your computer

Video Booby-trapped archive files can exploit vulnerabilities in a swath of software to overwrite documents and data elsewhere on a computer's file system – and potentially execute malicious code. Specifically, the flaws, dubbed "Zip Slip" by its discoverers at security outfit Snyk, are path traversals that can potentially be …
Shaun Nichols, 5 Jun 2018

Apple Mac fans told: Something smells EFI in your firmware

Pre-boot software on Macs is often outdated, leaving Apple fans at a greater risk of malware attack as a result, according to new research. An analysis of 73,000 Apple Macs by Duo Security found that users are unknowingly exposed to sophisticated malware-based attacks because of outdated firmware. On average, 4.2 per cent of …
John Leyden, 29 Sep 2017
Litter

Finance sector is littered with vulns, and guess what – most can be resolved by patching

Security vulnerabilities across the finance sector have increased more than fivefold (418 per cent) in the last four years, according to a study by NCC Group. The most common high and medium-risk vulnerabilities were found in customer-facing web apps. NCC categorised vulnerabilities found in 168 financial services …
John Leyden, 22 Sep 2017
power outage

Hackers could exploit solar power equipment flaws to cripple green grids, claims researcher

A Dutch researcher says he found a way to cause mischief on power grids by exploiting software bugs in solar power systems. Specifically, Willem Westerhof, a cybersecurity researcher at ITsec, said he uncovered worrying flaws within power inverters – the electrical gear turns direct current from solar panels into alternating …
Iain Thomson, 7 Aug 2017
Volodymyr Krasyuk http://www.shutterstock.com/gallery-286606p1.html

WordPress plugs eight holes in latest release

WordPress has patched a series of vulnerabilities in its content management system shuttering bugs affecting more than 10 million users. The release of version 4.7.1 closes eight vulnerabilities including cross-site scripting, cross-site request forgery, and other remotely-acessible attack vectors. "This is a security release …
Team Register, 13 Jan 2017
Duck Hunt. Credit: Nintendo.

MongoDB hackers now sacking ElasticSearch

It is open season on open services as net scum migrate from sacking MongoDB databases to insecure ElasticSearch instances. Some 35,000 mostly Amazon Web Services ElasticSearch servers are open to the internet and to ransoming criminals, Shodan boss John Matherly says. So far more than 360 instances have had data copied and …
Darren Pauli, 13 Jan 2017
Venomous snake

Sundown exploit kit weaves Edge hack hole

Authors of the Sundown exploit kit have integrated a since patched and limited Microsoft Edge vulnerability from a security firm's public proof-of-concept. The addition of the twin bugs (CVE-2016-7200 and CVE-2016-7201) means unpactched users of one of the world's most unpopular web browsers are likely to be targeted by a wide …
Darren Pauli, 11 Jan 2017
band_aid_patching_648

EMC slings patch at remote hack nonce-nse

Remote attackers can hose EMC hybrid flash storage thanks to cryptographic weaknesses. The patched vulnerability (CVE-2016-0917) affects EMC's VNX1, VNX2 and VNXe systems, including the end-of-life Celerra which will not receive a fix. EMC researchers wrote in a security notice that remote attackers could access the SMB …
Team Register, 11 Jan 2017
Image by GTS http://www.shutterstock.com/gallery-519838p1.html

Netgear unveils world's easiest bug bounty

Netgear has broken ranks from the consumer router security shame factory to offer a bug bounty sporting extra rewards for chained exploits. Hoping to shake the SOHOpeless tag, the vendor will hand out up to US$15,000 for hackers reporting global remote unauthorised access from the internet to Netgear devices, and unauthorised …
Darren Pauli, 6 Jan 2017

Create a news alert about vulnerabilities, or find more stories about vulnerabilities.

Biting the hand that feeds IT © 1998–2018