- By Ionut Ilascu
- March 12th, 2015
CSRF and Blind SQL Injection Risks Removed in Top SEO Plug-In for WordPress
Plug-in has tens of thousands of daily downloads
- By Ionut Ilascu
- March 12th, 2015
DLL Hijacking Risk Removed from Telerik Analytics Monitor Library
Security flaw has not been assigned a CVE identifier
- By Ionut Ilascu
- March 12th, 2015
Self-Destruct Update from Panda Security Gets Manual Fix
Some customers report trouble working with the fix tool
- By Ionut Ilascu
- March 11th, 2015
Glitch in Dropbox SDK for Android Links Apps to Attacker’s Cloud Storage
Apps holding sensitive info can be affected by the glitch
- By Ionut Ilascu
- March 11th, 2015
FREAK Risk Removed from Microsoft’s Secure Channel
Microsoft products no longer vulnerable to RSA key downgrade
- By Ionut Ilascu
- March 11th, 2015
Shortcut Parsing Glitch Used by Equation Group Re-Patched by Microsoft
Security update corrects the way DLL files are handled
- By Ionut Ilascu
- March 10th, 2015
Apple Fixes FREAK Vulnerability in Secure Transport
Apple's products are safe from FREAK attack
- By Ionut Ilascu
- March 5th, 2015
ShareLaTeX 0.1.3 Patches Against Command Injection
Two security flaws found, update mitigates only one
- By Ionut Ilascu
- February 25th, 2015
WP-Slimstat Wordpress Plug-in Relies on Guessable Crypto Key
An attacker would need 10 minutes to crack the key
- By Ionut Ilascu
- February 25th, 2015
Firefox 36 Fixes Long List of Security Bugs
New build patches more than 16 vulnerabilities
- By Ionut Ilascu
- February 23rd, 2015
Cisco NCS 6000 and CRS-X Routing Devices Vulnerable to DoS Attacks
Administrators are advised to patch as soon as possible
- By Ionut Ilascu
- February 17th, 2015
Siemens Fixes Security Flaws in Simatic Step 7 (TIA Portal)
Password reconstruction, privilege escalation risks removed
- By Ionut Ilascu
- February 13th, 2015
Bug in Facebook Allows Deleting Any Message from Any Timeline
Researcher receives $12,500 / €11,000 reward
- By Ionut Ilascu
- February 11th, 2015
Microsoft Patches Critical Remote Code Execution Glitch in Group Policy
Vulnerability has taken about a year to fix
- By Ionut Ilascu
- February 10th, 2015
SIMATIC WinCC SCADA System Receives Critical Fixes from Siemens
Exploit for one of the vulnerabilities exists
- By Ionut Ilascu
- February 9th, 2015
On-Screen Phone App from LG Allows Full Control of the Phone
Malicious actor can plant malware for persistent access
- By Ionut Ilascu
- February 9th, 2015
Box Sync Exposes API, Amazon S3 Keys
Data for secure locations sits unprotected