Security Vulnerabilities

Latest Headlines

Latest Headlines

Researchers warn about security backdoor on D-Link storage devices

A number of D-Link storage devices have dozens of security vulnerabilities that can allow attackers to execute arbitrary code remotely and take full control of the devices, according to researchers at SEARCH-LAB.

Hola shows why 'free' sometimes comes at a price

Free peer-to-peer VPN service Hola is apparently not as secure as the company likes to claim. According to a Network World article, Hola sold bandwidth of its 47 million users and also contains several security vulnerabilities that could open up users to botnet infections and other malicious types.

There's a patch for Cisco TelePresence vulnerabilities

Enterprises with Cisco TelePresence units deployed may want to grab the latest security patches. Cisco released several patches to address vulnerabilities in a few of its telepresence products.

Rapid7 acquires NT OBJECTives to beef up its Web app security bona fides

Organized crime has become the most frequently seen actor in Web application attacks, with financial gain being the primary motive, according to the most recent Verizon DBIR report. To combat this growing threat to Web applications, security data and analytics firm Rapid7, best known for its Metasploit penetration testing tool, has acquired NT OBJECTives, a Web application security testing firm.

ISIS supporters target vulnerable WordPress plug-ins

When a group finds WordPress vulnerabilities, they can exploit them worldwide. That is exactly what sympathizers with the terrorist group ISIS are doing, according to a warning issued Tuesday by the Federal Bureau of Investigation.

Mozilla plugs critical vulnerabilities, adds 'opportunistic encryption' to latest Firefox browser

Mozilla has fixed more than a dozen vulnerabilities with the latest version of its Firefox browser, including a number of critical security flaws. In addition, Mozilla has added to the Firefox 37 browser "opportunistic encryption," which encrypts possibly sensitive data before sending it in the clear.

Cisco plugs 16 security holes in operating system for its routers and switches

On Wednesday, Cisco released its semiannual security advisory for IOS software and IOS XE software, plugging 16 security holes that could result in "denial of service condition or interface wedge."

Apple fixes 17 security holes in Safari's WebKit engine

Apple has plugged 17 security vulnerabilities in the Safari browser's WebKit engine, which renders Web pages in the browser.

Infographic: Slipshod vendor security could cost you dearly

Security vulnerabilities at third-party vendors have been behind a number of high-profile data breaches, including major breaches at Target, AT&T, Lowe's, AutoNation and the Department of Defense's TRICARE healthcare network.

Is Apple endangering privacy to cut costs?

As Apple prepares to launch two iPhone 6 versions and a rumored iWatch, some are questioning whether Cupertino's reputation for iron-clad security is deserved.