A vulnerability in OAuth 2.0 could result in an attacker being able to sign into a victim’s mobile app account and take control of it, security researchers have discovered.
read more
Google Patches 23 Critical Vulnerabilities in Android
Google on Monday released its November 2016 Android security patches to resolve 83 vulnerabilities in the mobile operating system, 23 of which have been rated Critical.
read more
OpenSSL to Patch High Severity Flaw in Version 1.1.0
The OpenSSL Project informed users on Monday that it’s preparing a patch for several vulnerabilities affecting version 1.1.0.
OpenSSL version 1.1.0c, which is scheduled for release on November 10 between 12:00 and 16:00 UTC, will address several security holes. The most serious of them has been classified as “high severity” and it does not affect versions prior to 1.1.0.
read more
Researchers Demonstrate Voting Machine Hack
Despite several security alerts and research papers published in the past years, some of the voting machines used in the United States presidential election are still vulnerable to hacker attacks.
read more
Russian Hackers Target Cash Before Politics
Just as the scandal over alleged Russian hacking of the US Democratic Party erupted in June, police in Russia were rounding up a group known as Lurk.
read more
Synopsys to Acquire Code Testing Firm Cigital
read more
Continue readingCisco Resets Passwords on Careers Portal
Cisco last week prompted a password reset for the user accounts on its Cisco Professional Careers mobile website after a security researcher discovered a vulnerability in the portal.
read more
RCE Flaw Found in Bopup Enterprise Messaging Tool
Trustwave has disclosed an unpatched remote code execution (RCE) vulnerability affecting Bopup Communication Server, a solution that allows enterprises to manage and control their IM communications.
read more
Microsoft Delays Retirement of EMET
Microsoft has announced that it will retire the Enhanced Mitigation Experience Toolkit (EMET) 18 months later than initially planned.
read more
Flaws Found in Moxa Industrial Ethernet Products
A researcher has discovered a couple of critical and medium severity vulnerabilities affecting various industrial ethernet products from Taiwan-based industrial networking, computing and automation solutions provider Moxa.
read more
