A remote attacker can trigger the buffer overflow vulnerability to execute malicious code on affected Linux systems with just a malicious DNS response. Chris Coulson, Ubuntu developer at Canonical, has foundRead More →
The critical flaw doesn’t require any user interaction, either. A critical flaw in Microsoft’s Skype web messaging and call service allows attackers to crash systems and execute code. This week,Read More →
Microsoft recently patched a critical vulnerability in its ubiquitous built-in antivirus engine. The vulnerability could have allowed attackers to execute malicious code by luring users to a booby-trapped website orRead More →
Every day you wake up, perhaps check your phone or other Internet connected device, and head out the door or into your home office to do whatever it is thatRead More →
A “determined” attacker has breached the email system of the UK Parliament over the weekend, according to a statement put out by the UK government on Sunday afternoon. The attackRead More →
Drupal team released security updates to fix several vulnerabilities, including the critical access bypass flaw CVE-2017-6922 exploited in spam campaigns. The Drupal development team has released security updates to fixRead More →
The three vulnerabilities allow attackers to disarm the platform and execute code. Symantec has patched three vulnerabilities in the Symantec Messaging Gateway (SMG) which could be exploited by attackers toRead More →
Larson Studios paid $50,000 to the hacker group, but they decided to leak the season because of breach of contract. Season 5 of Netflix’s “Orange in the New Black” TVRead More →
A vulnerability nicknamed “Stack Clash” allows an attacker to gain root privileges on a UNIX system and take over vulnerable machines. The flaw was discovered last month by security researchersRead More →
I recently worked on a small toy project to execute untrusted Python code in Docker containers. This lead me to test several online code execution engines to see how theyRead More →
Daniel Devereux, 30, a British man calling himself “His Royal Gingerness” has been sentenced to 32 weeks in prison for hacking the websites of the Norfolk and Norwich University Hospital,Read More →
EXCLUSIVE — Mazda cars with next-gen Mazda MZD Connect infotainment systems can be hacked just by plugging in a USB flash drive into their dashboard, thanks to a series ofRead More →
The number of fileless malware continues to increase, recently security researchers spotted a new Fileless Ransomware dubbed Sorebrect. Sorebrect is able to inject malicious code into a legitimate system process (svchost.exe) onRead More →
Latest Vault7 release exposes network-spying operation CIA kept secret since 2007. Home routers from 10 manufacturers, including Linksys, DLink, and Belkin, can be turned into covert listening posts that allowRead More →
SECURITY RESEARCHERS have uncovered Industroyer and have labelled it as the biggest threat to critical infrastructure since Stuxnet. Stuxnet was the malicious warm responsible for causing substantial damage to Iran’s nuclear programmeRead More →
A staggering 8,000 vulnerabilities have been discovered in one of the most widespread medical advancements keeping people alive today: The pacemaker. White Scope, which has reported all of the vulnerabilitiesRead More →
Customer account-only support page warns of “ability to decrypt encrypted data.” OneLogin has admitted that the single sign-on (SSO) and identity management firm has suffered a data breach. However itsRead More →
Several Linux distros have issued updates to fix a vulnerability in Sudo, a Linux app behind the “sudo” command, which can allow an unprivileged attacker to gain root privileges. TheRead More →
In April, a group known as the “Shadow Brokers” released a cache of stolen information that included multiple tools to exploit vulnerabilities in various versions of Microsoft Windows. The mostRead More →
I’ve previously written about fuzz testing, which feeds intelligently crafted input to a target program to exercise corner cases and find bugs, highlighting how Fastly uses American Fuzzy Lop toRead More →
