LastPass Fixes Bug That Leaks Credentials

LastPass Fixes Bug That Leaks Credentials

LastPass has patched a bug that could potentially allow malicious websites to access a web user’s credentials from a previously visited site. Tavis Ormandy, a…

View More LastPass Fixes Bug That Leaks Credentials
Microsoft Patches 18 Year Old Windows Zero Day

Microsoft Patches 18 Year Old Windows Zero Day

Software buried in Windows since the days of WinXP can be abused to take complete control of a PC with the help of good ol’…

View More Microsoft Patches 18 Year Old Windows Zero Day
New Vulnerability Risk Model Promises More-Efficient Security

New Vulnerability Risk Model Promises More-Efficient Security

Vulnerabilities happen. There’s nothing new or mysterious about that. Neither is there mystery around the fact that something must be done to address vulnerabilities. But…

View More New Vulnerability Risk Model Promises More-Efficient Security
New Dragonblood vulnerabilities found in WiFi WPA3 standard

New Dragonblood vulnerabilities found in WiFi WPA3 standard

Earlier this year in April, two security researchers disclosed details about five vulnerabilities (collectively known as Dragonblood) in the WiFi Alliance’s recently launched WPA3 WiFi…

View More New Dragonblood vulnerabilities found in WiFi WPA3 standard
Critical RCE Flaw in Palo Alto Gateways Hits Uber

Critical RCE Flaw in Palo Alto Gateways Hits Uber

A remote code execution (RCE) vulnerability has been uncovered in the GlobalProtect portal and GlobalProtect Gateway interface security products from Palo Alto Networks. It’s an…

View More Critical RCE Flaw in Palo Alto Gateways Hits Uber
A bug in firewall systems took Cloudflare customers offline

A bug in firewall systems took Cloudflare customers offline

AT&T was not the only service provider to suffer an outage Tuesday morning. Several websites relying on Cloudflare servers were knocked offline as well. According to Gizmodo, Cloudflare…

View More A bug in firewall systems took Cloudflare customers offline
Recent Firefox’s Zero-Day Flaw Was Used in Attacks Against Coinbase’s Employees

Recent Firefox’s Zero-Day Flaw Was Used in Attacks Against Coinbase’s Employees

The recent Firefox’s zero-day security flaw was used in attacks against major crypto exchange and wallet service Coinbase, according to a tweet from Coinbase security…

View More Recent Firefox’s Zero-Day Flaw Was Used in Attacks Against Coinbase’s Employees
Linux Command-Line Editors Vulnerable To High Severity Bug

Linux Command-Line Editors Vulnerable To High Severity Bug

A bug impacting editors Vim and Neovim could allow a trojan code to escape sandbox mitigations. A high-severity bug impacting two popular command-line text editing…

View More Linux Command-Line Editors Vulnerable To High Severity Bug
Researcher Publishes Four Zero-Day Exploits in Three Days

Researcher Publishes Four Zero-Day Exploits in Three Days

The exploits for local privilege escalation vulnerabilities in Windows could be integrated into malware before Microsoft gets a chance to fix the issues. A vulnerability…

View More Researcher Publishes Four Zero-Day Exploits in Three Days
Slack Bug Allows Remote File Hijacking, Malware Injection

Slack Bug Allows Remote File Hijacking, Malware Injection

A remotely exploitable vulnerability in the Windows desktop app version of the Slack collaboration platform has been uncovered, which allows attackers to alter where files…

View More Slack Bug Allows Remote File Hijacking, Malware Injection