A proof-of-concept from the University of Maryland can defeat the audio challenges that are offered as an option for people with disabilities.
A glitch allowed hackers to access contacts, photos and more on Android devices – simply by answering a Skype call.
Original release date: January 07, 2019 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities …
Read More »
Original release date: January 04, 2019 The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting versions of Microsoft Windows and Windows Server. A remote attacker could exploit these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review CERT/CC’s Vulnerability Notes VU#289907 and VU#531281 and Microsoft’s security advisories for CVE-2018-8611 and CVE-2018-8626 and apply the necessary updates. This …
Read More »
All of the vulnerabilities arise from improper input validations.
An unscheduled patch fixed two critical flaws that could enable arbitrary code execution.
Password-manager Blur and role-playing game Town of Salem both disclosed data breaches this week that impacted a combined 10 million.
As the bug bounty programs begin to roll out in January, security experts worry that the programs miss the mark on truly securing open source projects.
Attackers could craft a campaign that makes use of the device profile in order to exploit any vulnerabilities in a targeted fashion.
Vulnerabilities, stolen credentials and an evolution of marketplaces mark the Dark Web in Q3.