Dennis Fisher and Mike Mimoso discuss the quasi-interesting fallout from the Ashley Madison hack, the appeals court decision about the Wyndham data breaches, and Charlie Miller leaving Twitter.
Monthly Archives: August 2015
QEMU Programmable Interrupt Timer Controller Heap Overflow
The programmable interrupt timer (PIT) controller in QEMU does not correctly validate the channel number when performing IO writes to the device controller, allowing both an information disclosure and a heap overflow within the context of the host.
Photo Transfer 2 1.0 Denial Of Service
Photo Transfer 2 version 1.0 suffers from a denial of service vulnerability.
PayPal Stored Cross Site Scripting
A stored cross site scripting vulnerability existed in the SecurePayment page on PayPal.
CVE-2015-2987
Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.
CVE-2015-6266
The guest portal in Cisco Identity Services Engine (ISE) 3300 1.2(0.899) does not restrict access to uploaded HTML documents, which allows remote attackers to obtain sensitive information from customized documents via a direct request, aka Bug ID CSCuo78045.
8 security tips for gamers: go play with no worries!
It is possible to enjoy videogames by applying practical security measures that will keep us safe. In this article, we look at 8 security tips.
The post 8 security tips for gamers: go play with no worries! appeared first on We Live Security.