Twice in the past year, security researchers have found and reported critical vulnerabilities in Modbus gateways built by Advantech that are used to connect serial devices in industrial control environments
Attackers can bypass authentication and access patient data. CERT/CC sounded the alarm on users of the Cardio Server ECG Management System, a broad-scope healthcare data management system used in many medical
Apparently tech support scams never get old. But they have gotten more aggressive, according to a Symantec blog post penned by researcher Deepak Singh. “We’ve recently seen many instances where attackers
RSI Videofied are a French company that produce a series of alarm panels that are fairly unique in the market. They are designed to be battery powered and send videos
The bug is in the website’s “translate a document” feature.Madrid-based Francisco Javier Santiago Vazquez, a security auditor for Mnemo, has discovered a cross-site scripting (XSS) vulnerability in Google Translate’s interface.
Attackers can unmask users hidden under a VPN connection. A vulnerability into how VPN providers deal with port forwarding exposes the real IP address of some users, say the network security
Vulnerability Test Suite (VTS) is a free application for Android that scans devices running the operating system for publicly-disclosed vulnerabilities. Publicly-disclosed vulnerabilities remain a threat months or even years after
A vulnerability reported to United Airlines that could have been exploited to manipulate flight reservations and customer data sat unpatched for almost six months before it was fixed 10 days
VMware has patched an information disclosure vulnerability affecting a number of its products that use Flex BlazeDS. The original vulnerability was discovered and disclosed in August by Matthias Kaiser of
Developers at LinkedIn fixed a persistent cross site scripting vulnerability in the social network this week that could have been exploited to spread a worm on the service’s help forums.
In a new Ubuntu Security Notice (USN-2814-1), Canonical announced that they have patched a security vulnerability in the Nvidia proprietary graphics drivers for all supported Ubuntu Linux operating systems. According
At PortSwigger, we regularly run pre-release builds of Burp Suite against an internal testbed of popular web applications to make sure it’s behaving properly. Whilst doing this recently,Liam found a
Attackers could have had full control over DT’s Web server. Independent Egyptian security researcher Ebrahim Hegazy has found another vulnerability, and this one affected the Web servers of Deutsche Telekom, Germany’s
Crafted image crashes apps, server processes. This will not be fun: the graphics processing library libpng has a vulnerability and needs to be patched. The problem for that is that
Vulnerabilities in SAP and Oracle products expose companies to crippling attacks, oil market fraud or equipment sabotage. A talk delivered at the Black Hat Europe 2015 security conference in Amsterdam shows
Google’s Chrome staff got in contact with the security researcher and has already started working on a fix A Chinese security researcher has found a security vulnerability in Google’s Chrome