Researchers have identified dozens of vulnerabilities in several D-Link products, some of which allow attackers to bypass authentication requirements or upload arbitrary files to target devices. The vulnerabilities lie in a variety of D-Link network storage devices and the company has produced updated firmware to address some of the problems. Researchers at Search-Lab discovered the […]
Tag Archives: Vulnerabilities
Researchers: Hola Fixes Incomplete
Researchers who discovered a half-dozen vulnerabilities in the free Hola VPN said today that fixes rolled out by Hola do not address the security issues they identified.
Crypto Calamity for Blockchain Android App
A poor crypto implementation in the Blockchain Android app results in lost Bitcoin for a number of affected users.
PeopleSoft Vulnerabilities Elevate ERP Security Issues
A dozen vulnerabilities, including three critical architectural issues, in PeopleSoft implementations were discussed this week at Hack in the Box, putting ERP security in the spotlight.
Apple Blocks Outdated Flash Player Versions in OS X, Safari
Apple announced that it will block out of date versions of Flash Player after a major update to the Adobe software two weeks ago.
Exploit Kit Using CSRF to Redirect SOHO Router DNS Settings
French researcher Kafeine has found an exploit kit delivering cross-site request forgery attacks that focus on SOHO routers and changing DNS settings to redirect to malicious sites.
Synology Fixes File-Takeover Flaw in Cloud Station OS X Client
There is a vulnerability in some versions of Synology’s Cloud Station client for OS X that can enable any user to take over system files and gain complete control of the machine. Cloud Station is a system that allows users to sync files across a number of devices. The system saves changes to files on […]
Sendio Email Platform Patches Remote Security Bypass Vulnerability
Email security vendor Sendio has patched a pair of remotely exploitable security bypass vulnerabilities in its Sendio ESP, or Email Security Platform, product.
eBay Fixes Reflected File Download Flaw
For many years, eBay has been one of the bigger targets for phishers and many other kinds of attackers and they have been honing their tactics and improving them along the way. Much of their effectiveness depends on convincing users that they’re on the real eBay site and the site recently fixed a vulnerability that […]
Charter Communications Fixes Website Data Leak Vulnerability
The internet-cable-television provider Charter Communications recently fixed an issue with its website that was inadvertently leaking the information of tens of thousands of its customers.