Juniper Networks announced patches for a serious vulnerability in the handling of IPv6 packets that is says could leave its Junos OS and JUNOSe routers open to a distributed denial of service (DDoS) attack.
Tag Archives: Web Security
Serious TCP Bug in Linux Systems Allows Traffic Hijacking
A serious vulnerability in the TCP implementation in Linux systems can be used identify hosts communicating over the protocol and attack that traffic.
Windows PDF Library Flaw Puts Edge Users at Risk for RCE
Microsoft today released nine security bulletins as part of its August 2016 Patch Tuesday updates.
A Month Without Adobe Flash Player Patches
Adobe rolled out patches for four vulnerabilities in Adobe Experience Manager, the first time since January its monthly patch release cycle has not included a Flash Player security update.
Misuse of Language: ‘Cyber’; When War is Not a War, and a Weapon is Not a Weapon
In this Threatpost op-ed, Dave Dittrich and Katherine Carpenter discuss the imprecision in language surrounding “cyber war” and “cyber weapons,” and explain how this may contribute to bad law and policy.
Breach Forces Password Change on Oracle MICROS PoS Customers
Oracle warns its MICROS point-of-sale system customers to change account passwords after malware was discovered on a support site that was infecting users.
Lack of Encryption Leads to Large Scale Cookie Exposure
Two academics discussed just how woefully inadequate some services are encryption-wise in a talk at Black Hat on Thursday.
Researchers Go Inside a Business Email Compromise Scam
Dell SecureWorks today published a report at Black Hat USA 2016 on a Nigerian Business Email Compromise scam called “wire-wire”, or “waya-waya.”
Fixing ‘This Internet’ Before It Breaks Again
Dan Kaminsky advocates fixing today’s internet before it breaks the same way it did in the 1990s.
Unmasking xDedic’s Black Market for Servers and PCs
Black market machine trading has gone beyond the sale of servers and now includes PCs located on corporate networks or that contain sensitive data.