Mike Mimoso and Chris Brook discuss the week in news, including the iPhone encryption debacle, the glibc Linux vulnerability, and the latest ransomware headlines.
Tag Archives: Vulnerabilities
The Four “Aâ€s of Account Management
It’s said that the biggest vulnerabilities in a network environment are its users. If only there was a way to control those unruly users – Oh, but there is!
The post The Four “A”s of Account Management appeared first on We Live Security.
Exposed VNC Server Discovered in Comodo Gear
Weeks after a serious problem in the Chromodo browser were disclosed, Google’s Project Zero disclosed a separate privilege escalation issue in Comodo Internet Security introduced by the GeekBuddy support app.
Xen Project Explains Patch Snafu
Xen has acknowledged an oversight where it failed to provide a pair of crucial security patches in its most recent update.
Magnitude of glibc Vulnerability Coming to Light
Researchers are pondering the magnitude of the glibc vulnerability and its exploitability via DNS.
Critical glibc Vulnerability Puts All Linux Machines at Risk
A critical vulnerability in glibc, the GNU C library, affects all Linux machines and many web frameworks, opening the door to remote code execution.
Threatpost News Wrap, February 5, 2016
Mike Mimoso and Chris Brook discuss the news of the week including internet-connected teddy bears, the latest on the Going Dark debate, and whether or not there’s a backdoor in Socat. They also preview next week’s Security Analyst Summit in Tenerife, Spain.
Chromodo Browser Disables Same-Origin Policy
Security vendor Comodo has been caught in an embarrassing gaffe. The Chromodo browser installed by default with Comodo Internet Security disables the same-origin policy.
WordPress Update Fixes SSRF, Open Redirect Vulnerability
WordPress’ latest version, 4.4.2, fixes a handful of bugs and vulnerabilities in the content management system.
eBay Vulnerability Exposes Users to Phishing, Data Theft
Researchers are warning that visitors to eBay.com could be tricked into opening a page on the site that could expose them to phishing attacks and data theft.