Researcher Mariusz Mlynski found and disclosed four high-severity vulnerabilities in Chrome’s Blink rendering engine, earning himself $32,000 through the Chrome Rewards program.
Tag Archives: Vulnerabilities
Firefox 51 Begins Warning Users of Insecure HTTP Connections
Firefox 51 includes warnings to users landing on HTTP websites, and patches for nearly a half-dozen critical security vulnerabilities.
Cisco Patches Critical Flaw in WebEx Chrome Plugin
Cisco has fixed a vulnerability in its WebEx extension for Chrome that allowed for remote code execution on computers running the plugin.
Apple Patches Critical Kernel Vulnerabilities
Apple released updates across its product lines, including iOS 10.2.1, patching a number of critical code execution vulnerabilities in the kernel, libarchive and WebKit.
Heartbleed Persists on 200,000 Servers, Devices
Almost 200,000 servers are still vulnerable to Heartbleed, the OpenSSL vulnerability patched nearly three years ago.
Hadoop, CouchDB Next Targets in Wave of Database Attacks
Insecure Hadoop and CouchDB installations are the latest attack targets of cybercriminals who are hijacking and deleting stolen data.
Threatpost News Wrap, January 13, 2017
The news of the week is discussed, including the ShadowBrokers’ farewell, GoDaddy’s buggy domain validation issue, MongoDB ransoms, and the latest with St. Jude Medical.
WordPress 4.7.1 Fixes CSRF, XSS, PHPMailer Vulnerabilities
A new WordPress update, pushed this week, resolves eight security issues, including a handful of XSS and CSRF bugs.
Microsoft Issues Record Low Number of Patch Tuesday Bulletins
Microsoft patched vulnerabilities that were tied to a variety of its products including Office 2016, its Edge browser and its Local Security Authority Subsystem Service (LSASS).
Exploit kits and the problem of do-nothing malware
The first two questions about malware are impossible to quickly answer in regards to exploit kits – and this is more than an IT communication problem. “What does it do?” is the first question most people have about any new type of malware. That’s logical. Who would NOT want to know about the risks from […]
The post Exploit kits and the problem of do-nothing malware appeared first on Avira Blog.