LastPass has fixed three bugs in the password manager discovered by Google research Tavis Ormandy in the last 24 hours.
Tag Archives: Tavis Ormandy
Cloudbleed Triggered 1.2M Times, Damage Kept to Minimum
Cloudflare said it could not find evidence of malicious exploitation of the Cloudbleed vulnerability, even though the bug was triggered 1.2 million times.
Serious Bug Exposes Sensitive Data From Millions Sites Sitting Behind CloudFlare
A severe security vulnerability has been discovered in the CloudFlare content delivery network that has caused big-name websites to expose private session keys and other sensitive data.
CloudFlare, a content delivery network (CDN) and web security provider that helps optimize safety and performance of over 5.5 Million websites on the Internet, is warning its customers of the critical bug that
Cisco Patches Critical Flaw in WebEx Chrome Plugin
Cisco has fixed a vulnerability in its WebEx extension for Chrome that allowed for remote code execution on computers running the plugin.
Kaspersky Lab Launches Bug Bounty Program
Kaspersky Lab today at Black Hat USA 2016 announced the launch of a public bug bounty, one of the few offered by a software vendor in the computer security industry.
Threatpost News Wrap, July 29, 2016
Mike Mimoso and Chris Brook discuss the news of the week, including a wireless keyboard vulnerability – KeySniffer, NIST’s statement on 2FA, a LastPass remote compromise bug, and a new Tor paper.
LastPass Patches Ormandy Remote Compromise Flaw
LastPass has patched a vulnerability in its Firefox add-on that allows attackers complete remote compromise of the password manager
Exposed VNC Server Discovered in Comodo Gear
Weeks after a serious problem in the Chromodo browser were disclosed, Google’s Project Zero disclosed a separate privilege escalation issue in Comodo Internet Security introduced by the GeekBuddy support app.
Chromodo Browser Disables Same-Origin Policy
Security vendor Comodo has been caught in an embarrassing gaffe. The Chromodo browser installed by default with Comodo Internet Security disables the same-origin policy.
Google Engineers Critical of Aviator Browser Security
Google security engineers have criticized the security and privacy of WhiteHat Security’s Aviator browser, after finding a remote code execution vulnerability within hours of Aviator’s release as open source.