Summary

Top Articles:

  • Poor Rowhammer Fixes On DDR4 DRAM Chips Re-Enable Bit Flipping Attacks
  • Two zero days and 15 critical flaws fixed in July’s Patch Tuesday
  • Serious flaws in six printer brands discovered, fixed
  • Chrome and Edge fix zero-day security hole – update now!
  • Google patches “in-the-wild” Chrome zero-day – update now!
  • Tor browser fixes bug that allows JavaScript to run when disabled
  • Shitrix: Hackers target unpatched Citrix systems over weekend
  • Security researcher arrested after data on every adult in Bulgaria hacked from government site
  • Webex flaw allowed anyone to join private online meetings – no password required
  • PHP community sidesteps its third supply chain attack in three years

SHA-3 code execution bug patched in PHP – check your version!

Published: 2022-11-01 14:09:10

Popularity: 24

Author: Paul Ducklin

Keywords:

  • Cryptography
  • Vulnerability
  • cryptograhpy
  • CVE-2022-37454
  • PHP
  • sha-3

As everyone waits for news of a bug in OpenSSL, here's a reminder that other cryptographic code in your life may also need patching!

    Chrome and Edge fix zero-day security hole – update now!

    Published: 2022-09-05 15:12:58

    Popularity: 174

    Author: Paul Ducklin

    Keywords:

  • Google
  • Google Chrome
  • Vulnerability
  • chrome
  • CVE-2022-3075
  • Exploit
  • Patch
  • Zero Day

    This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.

    Critical Samba bug could let anyone become Domain Admin – patch now!

    Published: 2022-07-27 21:15:15

    Popularity: 79

    Author: Paul Ducklin

    Keywords:

  • Vulnerability
  • CVE-2022-32744
  • password reset
  • Samba

    It's a serious bug... but there's a fix for it, so you know exactly what to do!

    Google patches “in-the-wild” Chrome zero-day – update now!

    Published: 2022-07-05 15:55:14

    Popularity: 162

    Author: Paul Ducklin

    Keywords:

  • Google
  • Google Chrome
  • Vulnerability
  • 0 day
  • chrome
  • CVE-2022-2294
  • vulnerability
  • zer-day
  • Zero Day

    Running Chrome? Do the "Help-About-Update" dance move right now, just to be sure...

    Big bad decryption bug in OpenSSL – but no cause for alarm

    Published: 2021-08-27 01:03:21

    Popularity: 44

    Author: Paul Ducklin

    Keywords:

  • Cryptography
  • Uncategorized
  • Vulnerability
  • buffer overflow
  • CVE-2021-3711
  • CVE-2021-3712
  • openssl
  • vulnerability

    The buggy code's in there, alright. Fortunately, it's hard to get OpenSSL to use it even if you want to, which mitigates the risk.

    PHP community sidesteps its third supply chain attack in three years

    Published: 2021-04-30 16:37:04

    Popularity: 80

    Author: Paul Ducklin

    Keywords:

  • Vulnerability
  • Composer
  • Packagist
  • PHP
  • supply chain

    Third time lucky! (The first two times were lucky, too, luckily.)

    ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent, Again

    This post is a technical discussion of the underlying vulnerability of CVE-2020-15257, and how it can be exploited. Our technical advisory on this issue is available here, but this post goes much further into the process that led to finding the issue, the practicalities of exploiting the vulnerability itself, various complications around fixing the issue, …

    Your “smart” household appliance might have a short lifespan

    Published: 2020-06-08 19:34:45

    Popularity: 26

    Author: Graham Cluley

    Keywords:

  • Botnet
  • Guest blog
  • Security threats
  • Vulnerability
  • botnet
  • IoT
  • vulnerability

    Are you itching for an internet fridge? Hankering for a smart washing machine? Thirsting for an IoT-enabled thermostat? Well, think twice before you make a potentially costly mistake when deciding what appliance you will next be purchasing for your home. Read more in my article on the Bitdefender BOX blog.

    Tor browser fixes bug that allows JavaScript to run when disabled

    Published: 2020-03-17 12:16:27

    Popularity: 148

    Author: John E Dunn

    Keywords:

  • Privacy
  • Security threats
  • Vulnerability
  • Web Browsers
  • anonymity
  • browser privacy
  • Firefox
  • Java
  • JavaScript
  • NoScript
  • the onion router
  • Tor
  • tor browser

    The Tor browser has a bug that could allow JavaScript to execute on websites even when users think they’ve disabled it for maximum anonymity.

    Poor Rowhammer Fixes On DDR4 DRAM Chips Re-Enable Bit Flipping Attacks

    Published: 2020-03-10 21:35:34

    Popularity: 1809

    Author: noreply@blogger.com (Unknown)

    Keywords:

  • cyber security
  • DRAM Chip
  • DRAM RowHammer Vulnerability
  • DRAM Vulnerability
  • RAM hacking
  • RowHammer Attack
  • Vulnerability

    Remember the Rowhammer vulnerability? A critical issue affecting modern DRAM (dynamic random access memory) chips that could allow attackers to obtain higher kernel privileges on a targeted system by repeatedly accessing memory cells and inducing bit flips. To mitigate the Rowhammer vulnerability on the latest DDR4 DRAM, many memory chip manufacturers added some defenses under the umbrella term Target

    Webex flaw allowed anyone to join private online meetings – no password required

    Published: 2020-01-26 13:13:09

    Popularity: 93

    Author: Graham Cluley

    Keywords:

  • Privacy
  • Vulnerability
  • Cisco
  • vulnerability
  • WebEx

    Cisco, the makers of Webex, had warned users of the online conferencing service that a vulnerability allowed unauthorised remote users to listen in on private online meetings – without having to enter a password.

    Shitrix: Hackers target unpatched Citrix systems over weekend

    Published: 2020-01-13 12:14:18

    Popularity: 137

    Author: Graham Cluley

    Keywords:

  • Malware
  • Vulnerability
  • citrix
  • Shitrix
  • vulnerability

    Over the last few days hackers have made multiple attempts to exploit a critical vulnerability found in Citrix technology, used by tens of thousands of businesses worldwide. Take action to protect your systems now before the exploit hits you in the face.

    Serious flaws in six printer brands discovered, fixed

    There are many ways to compromise company data, but IT teams often overlook one of the most serious: the humble printer.

    Two zero days and 15 critical flaws fixed in July’s Patch Tuesday

    Patch Tuesday July 2019 offers fixes for a total of 77 vulnerabilities, including 15 marked critical, rounded out by two zero-day flaws.

    Security researcher arrested after data on every adult in Bulgaria hacked from government site

    Published: 2019-07-18 07:58:06

    Popularity: 105

    Author: Graham Cluley

    Keywords:

  • Data loss
  • Law & order
  • Privacy
  • Vulnerability
  • bulgaria
  • data breach
  • vulnerability

    Police in Bulgaria have arrested a 20-year-old man after a hack against the Bulgarian tax authority, known as the National Revenue Agency (NRA), which saw data on every single adult living in Bulgaria stolen, and offered to the media.

    Phone fingerprint scanner fooled by chewing gum packet

    Published: 2019-04-23 14:41:35

    Popularity: 0

    Author: Paul Ducklin

    Keywords:

  • Vulnerability
  • biometrics
  • fingerprint
  • Nokia
  • security bypass

    A video has surfaced claiming to show someone unlocking a Nokia 9 by tapping a gum packet against the fingerprint scanner.
