How to Remediate a Cross-Site WebSocket Vulnerability

Today, many leading industries and modern enterprises have switched from processing and acting on data stored in databases to data in flight. How? Through real-time applications. One way to enable this is WebSocket, but it comes with vulnerabilities as well. What Is WebSocket? Real-time applications operate within an immediate time frame; sensing, analyzing and acting […]

The post How to Remediate a Cross-Site WebSocket Vulnerability appeared first on Security Intelligence.

Cisco Warns of Severe DoS Flaws in Network Security Software

The majority of the bugs in Cisco’s Firepower Threat Defense (FTD) and Adaptive Security Appliance (ASA) software can enable denial of service (DoS) on affected devices.

WordPress Plugin Bug Opens 100K Websites to Compromise

Legions of website visitors could be infected with drive-by malware, among other issues, thanks to a CSRF bug in Real-Time Search and Replace.

DNS Rebinding: A Frightening Attack Vector with Spooky Security Impacts

One of the greatest misconceptions about online safety is that home networks are somehow private. Unfortunately, this hasn’t been true since around the turn of the century when we started filling our home networks with Internet-connected boxes se…

Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions

A cybersecurity researcher recently published details and a proof-of-concept for an unpatched zero-day vulnerability in phpMyAdmin—one of the most popular applications for managing MySQL and MariaDB databases.

phpMyAdmin is a free and open source ad…