All major Canadian internet service providers (ISPs) have patched a vulnerability this week in their telecommunications relay services (TRSs).
WordPress CMS installations are vulnerable to a PHP bug related to data unserialization (also known as deserialization), a security researcher has revealed at the start of the month.
Maryland's Medicaid program is threatened by security gaps exposing data and information systems to unauthorized access and disruption of critical operations.
Google has patched a vulnerability in the Chrome browser that allows an attacker to retrieve sensitive information from other sites via audio or video HTML tags.
Security researchers have shown that having Microsoft Cortana enabled on the Windows lock screen could be a security risk. In such a configuration, users could compromise a system or lead to or impersonate a user using credentials stored in the browser cache.
Two recently discovered vulnerabilities in the fax protocol can transform fax machines into entry points for hackers into corporate networks, two Check Point researchers revealed last week in a talk given at the DEF CON 26 security conference held in Las Vegas.
Researchers from CheckPoint have figured out a way to manipulate conversations in order to modify existing replies that were received, quoting a message so it appears that it came from another user who may not be part of the group, and sending private messages that can be seen by only one person in a group.
Microsoft has fixed a vulnerability in the Edge browser that could be abused against older versions to steal local files from a user's computer.
Oracle WebLogic servers are under attack from hackers who are trying to take over vulnerable installations that have not received a recent patch for a critical vulnerability.
Academics from the University of California, Riverside (UCR) have published details last week about a new Spectre-class attack that they call SpectreRSB.
Security researchers from Positive Technologies have released public details on two vulnerabilities affecting Dongguan Diqee 360 smart vacuum cleaners. The two vulnerabilities allow an attacker to run malicious code on a device with superuser privileges and effectively take over the vacuum.
Cisco has released 25 security updates yesterday, including a critical patch for Cisco Policy Suite that removes an undocumented password for the "root" account.
Russia's national vulnerability database (BDU) indexes and lists about a tenth of the security flaws it should be indexing on a normal basis.
Two security researchers have revealed details about two new Spectre-class vulnerabilities, which they've named Spectre 1.1 and Spectre 1.2.
Adobe has published its monthly security updates for the month of July 2018, and this month. Unlike last month, there were no zero-days patched this time.
Details and public exploit code have been published online for a severe vulnerability affecting Hewlett Packard Integrated Lights-Out 4 (HP iLO 4) servers.
Security researchers say the Diameter protocol used with today's 4G (LTE) telephony and data transfer standard is vulnerable to the same types of vulnerabilities as the older SS7 standard used with older telephony standards such as 3G, 2G, and earlier.
Barcelona-based online survey and form building service Typeform announced a data breach today after an unknown attacker downloaded a backup file containing sensitive customer information.
A team of academics has published research yesterday that describes three attacks against the mobile communication standard LTE (Long-Term Evolution), also known as 4G.