Apache Struts 2: A Zero-Day Quick Draw

It took fraudsters less than 24 hours after the disclosure of a previously unknown Apache Struts 2 vulnerability to develop a Python script to exploit it.

The post Apache Struts 2: A Zero-Day Quick Draw appeared first on Security Intelligence.


Going Inside an Arbitrary Kernel Write Vulnerability in the Nexus 9

The IBM X-Force Application Security Research Team discovered an arbitrary write vulnerability in Nexus 9’s kernel, putting application data at risk.


Android Vulnerabilities: Attacking Nexus 6 and 6P Custom Boot Modes

X-Force researchers disclosed several Android vulnerabilities that could enable cybercriminals to use custom boot modes to take over Nexus 6 and 6P modems.


Point-of-Sale Hazards: Skimming the Surface of Global Sporting Events

Travelers around the globe are at high risk of robbery. While payment cards can be much simpler than cash, point-of-sale hazards pose a significant threat.


Read From PDF, Write to Edge’s Memory (CVE-2016-0117)

CVE-2016-0117 can be exploited to perform an arbitrary write to Edge’s content process memory, a critical element for remote code execution.


Remote Code Execution in Xiaomi MIUI Analytics

The IBM X-Force AppSec Research Team has discovered a remote code execution (RCE) vulnerability in MIUI, the flavor of Android developed by Xiaomi.


Browser Vendors Are Shutting Down SHA-1 Digital Certificates

Web browsers are moving away from SHA-1 digital certificates, and organizations need to make sure they are in line with more secure measures.


The Path to Cybersecurity Confidence Starts With Penetration Testing

Penetration testing is an ideal way for enterprises to assess their existing security systems, identify gaps and locate the right solutions.


It’s Time to Let Go of QuickTime for Windows

IBM BigFix has a fixlet available for corporate users looking to uninstall QuickTime for Windows, which was found to have serious vulnerabilities.


Understanding EdgeHTML’s Attack Surface and Exploit Mitigations

EdgeHTML’s large attack surface can be daunting for users. Learn more about possible attacks as well as exploit mitigations that enhance security.
