Collaborate Disseminate
A new study that analyzed ATMs from three major manufacturers found that two-thirds of them were vulnerable to physical black box attacks and an even larger number were vulnerable to network attacks. The research project spanned two years and was carr… Continue reading Researchers Find Most ATMs Vulnerable to Hacker Attacks
Microsoft and Adobe Systems released their monthly scheduled security updates Nov. 14, both companies fixing some vulnerabilities that were known publicly before being patched. Microsoft fixed 62 vulnerabilities across its product portfolio, 12 of whi… Continue reading Microsoft and Adobe Patch Zero-Day Vulnerabilities
How to clean out that drawer of old phones, laptops, and hard drives without having to worry about someone getting their hands on your data. Continue reading How to Securely Get Rid of Your Devices
Hackers are breaking into WordPress websites by exploiting a recently patched privilege escalation vulnerability in a popular plug-in that allows site owners to conform to the GDPR user data collection requirements. The vulnerability was discovered la… Continue reading Hackers Exploit Critical Flaw in WordPress GDPR Compliance Plug-in
A Chinese APT group has been hacking into web servers by exploiting a vulnerability in Adobe ColdFusion that was patched in September and for which no exploit has been released publicly. The vulnerability, tracked as CVE-2018-15961, affects ColdFusion… Continue reading Hackers Exploit Recently Patched ColdFusion Vulnerability
Researchers have found serious weaknesses in self-encrypting solid-state drives (SSDs) that could allow attackers to compromise data stored on them without knowing the encryption password. Researchers Carlo Meijer and Bernard van Gastel from Radboud U… Continue reading Flaws in Self-Encrypting SSDs Compromise Data Encryption
Cisco Systems is warning customers about an unpatched vulnerability that allows attackers to crash or reboot security devices running its Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software. The vulnerability, C… Continue reading Cisco Warns of Actively Exploited DoS Flaw in Security Appliances
Security researchers have found two serious vulnerabilities in Bluetooth Low Energy (BLE) chips from Texas Instruments (TI) that are used in millions of Wi-Fi access points, but also in devices from various industries including health care, automotive… Continue reading Flaws in BLE Chips Expose Millions of Enterprise Wi-Fi APs to Hacking
Apple has fixed a serious vulnerability in macOS and iOS that could allow hackers to compromise devices over the local network by sending them a single malformed Internet Protocol (IP) packet. The remote code execution flaw, identified as CVE-2018-440… Continue reading Flaw Allows Hacking Macs, iOS Devices with Single Network Packet
A serious remote code execution vulnerability in a popular jQuery widget turned out to have widespread implications, as the code has been forked, modified and used in thousands of other projects. The use of third-party libraries and components in deve… Continue reading JQuery File Upload Flaw Highlights Security Challenges with Code Reuse