Category Archives: Vulnerabilities

iOS Vulnerability Leads to Endless Reboots

Over this week and on the RSA conference security researchers from Skycure company discovered a new iOS vulnerability, this bug have been accidentally found during a network penetration testing. The security team have installed a router and connected the smartphone

Critical Microsoft HTTP.sys Remote Code Execution Vulnerability

Microsoft have released over this week several security patches that comes to fix critical security vulnerabilities. One of these vulnerabilities is an HTTP.sys security issue that do not properly handle HTTP-requests and may lead to DoS or remote code execution.

New release for OpenSSL to fix several security vulnerabilities

openssl

Heartbleed OpenSSL security vulnerability is still not the last vulnerability we see for OpenSSL but we continue to find new and critical security issues in OpenSSL library. New security advisory have been published that include several high severity vulnerabilities that

Firefox 36.0.1 Released

firefox

New security update have been released by Mozilla Firefox 36.0.1, the list of patches include fix for nine security vulnerabilities. While users may apply the security update automatically from the browser update. Updates will fix the following: 36.0.1 – Disable

Vulnerability Update, February 17, 2015

The Vulnerability Update from Secunia Total number of new vulnerabilities in the Top 20* over the 3 month period: 1,357 Vendor with most vulnerable products in the 3 month period: IBM Product with the most vulnerabilities: X.Org XServer And 2015

Adobe critical zero day vulnerability to patch

flash player

Adobe has released over this week security updates to fix critical vulnerabilities in Adobe Flash. The patches are going to address 18 vulnerabilities 15 of them allows remote code execution. CVE 2015-0313 is actively used by attackers to compromise systems

GHOST a 14 year old vulnerability in Linux

ghost-vulnerabiity-in-linux

New vulnerability have been discovered by Qualys security researchers called GHOST that affect Linux based systems in the  glibc-2.2 (GNU C Library) since 2000. Ghost allow attacker to control a system without having any credentials. The vulnerability may exist on