Security News

Command Injection Vulnerabilities Plague IP Enabled AirLive Cameras (Threatpost)
2015-07-06 16:14

Core Security disclosed information on command-injection vulnerabilities found in a number of AirLive IP-enabled cameras after repeated attempts to disclose to the manufacturer were ignored.

Amazon Patches Certificate Vulnerabilities in Fire Phones (Threatpost)
2015-06-29 17:31

Amazon patched three vulnerabilities in its Fire Phone, two of which allow for silent certificate installations.

Security Firm Discloses Details of Amazon Fire Phone Vulnerabilities (SecurityWeek)
2015-06-29 14:12

Cisco SSH Key Flaw Has Echoes of Earlier Vulnerabilities (Threatpost)
2015-06-26 13:31

When Cisco released a patch for several of its security appliances Thursday that eliminated the presence of hard-coded SSH host and private keys, the advisory had a distinct air of familiarity...

Who fixes the most vulnerabilities? (Help Net Security)
2015-06-24 08:00

Web and mobile applications produced or used by government organizations are more likely than those in other industries to fail standard security policies like the OWASP Top 10 when initially assessed...

Researchers Uncover Critical RubyGems Vulnerabilities (SecurityWeek)
2015-06-23 04:26

Trio of Vulnerabilities Patched in Magneto Web App (Threatpost)
2015-06-19 18:44

A trio of vulnerabilities were recently patched in eBay’s Magento e-commerce web application that could have let attackers carry out a handful of exploits.

LinkedIns Private Bug Bounty Program: Reducing Vulnerabilities by Leveraging Expert Crowds (Reddit)
2015-06-18 01:11

‘XARA’ Password Stealing Vulnerabilities Outlined in iOS, OSX (Threatpost)
2015-06-17 19:07

A group of researchers claim that they found a handful of vulnerabilities in both Apple’s OS X and iOS, and cracked the Keychain service that the company uses for apps and sandboxes on OS X.

How to Prevent XSS Vulnerabilities in PHP (Reddit)
2015-06-17 00:11