Articles about vulnerabilities

shutterstock_gold

Want a $200k TIP? ZDI sticks bounties on bugs in big-name server code

A bunch of new bug bounty rewards are up for grabs from the Zero Day Initiative, in a first-come, best-dressed program kicking off on August 1. The Trend Micro-backed operation announced on July 24 what it called the Targeted Incentive Program (TIP). Besides the mention of Microsoft Windows Server 2016, the TIP focuses paying …

Telco IT admins on red alert as Cisco flings out patches for security holes in policy toolkit

Cisco has emitted 25 product security advisories – with four critical bugs flattened in its service provider-oriented Cisco Policy Suite. The suite’s Policy Builder toolkit can be exploited by an unauthenticated remote attacker to gain access to its policy interface, due to an authentication bug (CVE-2018-0376). The switch …
plasters cover arm. photo by shutterstock

Huawei enterprise comms kit has a TLS crypto bug

Huawei has rolled patches to various enterprise and broadcast products to fix a cryptography bug. In late 2017 (inferred from the bug's Common Vulnerabilities and Exposures entry, CVE-2017-17174, which was reserved in December), the company discovered some products had an insecure encryption algorithm. The flaw could allow a …
Fabric bolts photo via Shutterstock

Cisco passes around antidotes to noxious NX-OS code execution bugs

Get your ticket to the Cisco catwalk, sysadmins, and watch Switchzilla strut 24 FXOS and NX-OS software security advisories. Five advisories in the June 2018 Cisco FXOS and NX-OS Software Security Advisory Collection are dressed in a luscious, Critical-rated red, while the remaining 19 merely hit the High. Four of the …
Cats eyes behind a zip

Loose .zips sink chips: How poisoned archives can hack your computer

Video Booby-trapped archive files can exploit vulnerabilities in a swath of software to overwrite documents and data elsewhere on a computer's file system – and potentially execute malicious code. Specifically, the flaws, dubbed "Zip Slip" by its discoverers at security outfit Snyk, are path traversals that can potentially be …
Shaun Nichols, 5 Jun 2018

Apple Mac fans told: Something smells EFI in your firmware

Pre-boot software on Macs is often outdated, leaving Apple fans at a greater risk of malware attack as a result, according to new research. An analysis of 73,000 Apple Macs by Duo Security found that users are unknowingly exposed to sophisticated malware-based attacks because of outdated firmware. On average, 4.2 per cent of …
John Leyden, 29 Sep 2017
Litter

Finance sector is littered with vulns, and guess what – most can be resolved by patching

Security vulnerabilities across the finance sector have increased more than fivefold (418 per cent) in the last four years, according to a study by NCC Group. The most common high and medium-risk vulnerabilities were found in customer-facing web apps. NCC categorised vulnerabilities found in 168 financial services …
John Leyden, 22 Sep 2017
power outage

Hackers could exploit solar power equipment flaws to cripple green grids, claims researcher

A Dutch researcher says he found a way to cause mischief on power grids by exploiting software bugs in solar power systems. Specifically, Willem Westerhof, a cybersecurity researcher at ITsec, said he uncovered worrying flaws within power inverters – the electrical gear turns direct current from solar panels into alternating …
Iain Thomson, 7 Aug 2017
Volodymyr Krasyuk http://www.shutterstock.com/gallery-286606p1.html

WordPress plugs eight holes in latest release

WordPress has patched a series of vulnerabilities in its content management system shuttering bugs affecting more than 10 million users. The release of version 4.7.1 closes eight vulnerabilities including cross-site scripting, cross-site request forgery, and other remotely-acessible attack vectors. "This is a security release …
Team Register, 13 Jan 2017
Duck Hunt. Credit: Nintendo.

MongoDB hackers now sacking ElasticSearch

It is open season on open services as net scum migrate from sacking MongoDB databases to insecure ElasticSearch instances. Some 35,000 mostly Amazon Web Services ElasticSearch servers are open to the internet and to ransoming criminals, Shodan boss John Matherly says. So far more than 360 instances have had data copied and …
Darren Pauli, 13 Jan 2017
Venomous snake

Sundown exploit kit weaves Edge hack hole

Authors of the Sundown exploit kit have integrated a since patched and limited Microsoft Edge vulnerability from a security firm's public proof-of-concept. The addition of the twin bugs (CVE-2016-7200 and CVE-2016-7201) means unpactched users of one of the world's most unpopular web browsers are likely to be targeted by a wide …
Darren Pauli, 11 Jan 2017
band_aid_patching_648

EMC slings patch at remote hack nonce-nse

Remote attackers can hose EMC hybrid flash storage thanks to cryptographic weaknesses. The patched vulnerability (CVE-2016-0917) affects EMC's VNX1, VNX2 and VNXe systems, including the end-of-life Celerra which will not receive a fix. EMC researchers wrote in a security notice that remote attackers could access the SMB …
Team Register, 11 Jan 2017
Image by GTS http://www.shutterstock.com/gallery-519838p1.html

Netgear unveils world's easiest bug bounty

Netgear has broken ranks from the consumer router security shame factory to offer a bug bounty sporting extra rewards for chained exploits. Hoping to shake the SOHOpeless tag, the vendor will hand out up to US$15,000 for hackers reporting global remote unauthorised access from the internet to Netgear devices, and unauthorised …
Darren Pauli, 6 Jan 2017
still_life_with_skull_cropped_648

Libpng library gets fix for truly ancient bug

Slackware has raced out of the blocks in 2017, issuing one patch for the libpng image library on New Year's Day, and two Mozilla patches. The libpng bug got its Common Vulnerabilities and Exposures number, CVE-2016-10087, on December 30. Slackware's announcement says the bug can't be exploited without active user input. The “ …
Workers loading mail sacks onto Mail Rail 1935 photo The Postal Museum and Mail Rail

Hate 'contact us' forms? This PHPmailer zero day will drop shell in sender

Websites using PHPMailer for forms are at risk from a critical-rated remote code execution zero day bug. Legal Hackers researcher Dawid Golunski found the vulnerability (CVE-2016-10074) in the much-used library, found in the world's most popular content management systems and addons. The bug also affects the Zend Mailer and …
Darren Pauli, 3 Jan 2017
android_toys_648

Android tops 2016 vuln list, with 523 bugs

Of any single product, CVE Details reckons, Android had the most reported vulnerabilities in 2016 – but as a vendor, Adobe still tops the list. The analysis is limited by the fact that only vulnerabilities passing through Mitre's Common Vulnerabilities and Exposures (CVE) database are counted. That's a statistically worthwhile …
Image by Danomyte http://www.shutterstock.com/gallery-256714p1.html

P0wnographer finds remote code exec bug in McAfee enterprise

McAfee has taken six months to patch 10 critical vulnerabilities in its VirusScan Enterprise Linux client. And these were nasty bugs as when chained they resulted remote code execution as root. Andrew Fasano, security researcher with MIT Lincoln Laboratory, says attackers can chain the flaws to compromise McAfee Linux clients …
Darren Pauli, 13 Dec 2016

Microsoft Edge's malware alerts can be faked, researcher says

Technical support scammers have new bait with the discovery that Microsoft's Edge browser can be abused to display native and legitimate-looking warning messages. The flaws exist in Microsoft's Edge protocols ms-appx: and ms-appx-web: which the browser uses to present warning messages when phishing or malware delivery sites …
Darren Pauli, 12 Dec 2016

Create a news alert about vulnerabilities, or find more stories about vulnerabilities.

Biting the hand that feeds IT © 1998–2018