Weeks after a serious problem in the Chromodo browser were disclosed, Google’s Project Zero disclosed a separate privilege escalation issue in Comodo Internet Security introduced by the GeekBuddy support app.
Tag Archives: Web Security
Xen Project Explains Patch Snafu
Xen has acknowledged an oversight where it failed to provide a pair of crucial security patches in its most recent update.
Magnitude of glibc Vulnerability Coming to Light
Researchers are pondering the magnitude of the glibc vulnerability and its exploitability via DNS.
Critical glibc Vulnerability Puts All Linux Machines at Risk
A critical vulnerability in glibc, the GNU C library, affects all Linux machines and many web frameworks, opening the door to remote code execution.
Threatpost News Wrap, February 5, 2016
Mike Mimoso and Chris Brook discuss the news of the week including internet-connected teddy bears, the latest on the Going Dark debate, and whether or not there’s a backdoor in Socat. They also preview next week’s Security Analyst Summit in Tenerife, Spain.
WordPress Infections Leading to TeslaCrypt Ransomware
A massive string of WordPress compromises are redirecting victims to the Nuclear Exploit Kit and Teslacrypt ransomware.
Google Safe Browsing Extends to Deceptive Embedded Content
Google again has enhanced its Safe Browsing service with protection against deceptive embedded content.
Chromodo Browser Disables Same-Origin Policy
Security vendor Comodo has been caught in an embarrassing gaffe. The Chromodo browser installed by default with Comodo Internet Security disables the same-origin policy.
WordPress Update Fixes SSRF, Open Redirect Vulnerability
WordPress’ latest version, 4.4.2, fixes a handful of bugs and vulnerabilities in the content management system.
eBay Vulnerability Exposes Users to Phishing, Data Theft
Researchers are warning that visitors to eBay.com could be tricked into opening a page on the site that could expose them to phishing attacks and data theft.