Security News

Vulnerability Forces OPM to Pull Background Check System Offline (Threatpost)
2015-06-30 19:11

The Office of Personnel Management announced yesterday that it is temporarily suspending the system it uses to conduct government background checks.

Why vulnerability disclosure shouldn’t be a marketing tool (Help Net Security)
2015-06-30 07:28

There have been many arguments within the security community on how researchers should disclose the existence of a security vulnerability. Some argue that full disclosure is the best approach as it ma...

TCP Vulnerability Haunts Wind River VxWorks Embedded OS (Threatpost)
2015-06-23 14:47

There is a TCP prediction vulnerability in Wind River’s widely deployed VxWorks embedded software that can enable an attacker to disrupt or spoof the TCP connections to and from target devices....

RubyGems Patches Serious Redirection Vulnerability (Threatpost)
2015-06-23 13:55

RubyGems maintainers patched a vulnerability, reported by Trustwave and OpenDNS, that allows RubyGem clients to be redirected to an attacker-controlled gem server.

SSRF/XSPA (Web Application Vulnerability) CTF Write up- Garage4Hackers (Reddit)
2015-06-23 07:14

Google extends vulnerability bounties to Android; offers up to $30,000 (ArsTechnica)
2015-06-16 22:11

Three Information Disclosure Vulnerability (Reddit)
2015-06-16 22:11

Canonical Patches Privilege Escalation Vulnerability in Ubuntu (SecurityWeek)
2015-06-16 08:11

Cisco Fixes DoS Vulnerability Affecting Carrier Routing Systems (SecurityWeek)
2015-06-15 16:11

Using the Redis Vulnerability to Patch Itself (Reddit)
2015-06-15 14:11