A group of pentest researchers has demonstrated ability to passively identify session details and perform hijacking, allowing phishing attacks. According to the International Institute...
The sale of zero-day exploits is a very profitable business that most people completely ignore. The International Institute of Cyber Security talks...
During one of my engagements, I discovered some Windows devices that were affected by the MS17-010vulnerability. One of these devices caught my attention...
A severe vulnerability affecting CISCO ASA and Firepower devices is being exploited after an exploit was released online, as revealed by late...
After issuing a patch, users are encouraged to make sure they are using the latest version of the browser. According to...
TL;DR Following the wrong link could allow remote attackers to control your WiFi router, Google Home, Roku, Sonos speakers, home thermostats and more....
Cisco, a company dedicated to manufacturing telecommunications devices, launched patches for 34 failures in its software, including solutions for five critical vulnerabilities...
Cisco released patches for 34 vulnerabilities affecting multiple products that include 5 critical vulnerabilities, 20 High severity vulnerabilities and 9 medium level...
Information technology and information security training experts have found a strange and maybe dangerous flaw in the privacy of these devices that...
An arbitrary file-overwrite vulnerability affects a large number of projects, researchers reveal. The flaw, known as Zip Slip by information security training...
Since our last report on exploit kits, there have been some new developments with the wider adoption of the February Flash zero-day, as well as...
A failure affecting GnuPG has made some of the most commonly used e-mail encryption programs vulnerable to digital signature falsification. The list...
A cutting edge technology padlock, operating with fingerprint, can be opened by anyone who has a smartphone, as discovered by information security...
Cortana has security vulnerabilities when it operates on the lock screen Microsoft has launched a security update to prevent hackers from entering...
VMware security updates published for its AirWatch Agent that affected by critical remote code execution vulnerability. VMware is a virtualization software which...
Adobe has released patches for critical zero-day vulnerabilities in Adobe Flash Player 29.0.0.171 and earlier versions. The updates released for Windows, macOS,...
40-year-old SS7 is being actively used to track user locations and communications. The US Department of Homeland Security recently warned that malicious...
With the staggering amount of features that were introduced through HTML5 and CSS3 the attack surface of browsers grew accordingly. Consequently, it...
An information security expert explains that, Archery is an open source vulnerability management and evaluation tool that helps developers and evaluators perform scans and...
Multiple Vulnerabilities found in IBM QRadar chained together allows a remote attacker to bypass authentication and to execute arbitrary commands with root...
After an investigation, security professionals have found a backdoor account in the firmware of the D-Link DIR-620 routers; this allows malicious actors...