Adobe today pushed out a hotfix to ColdFusion implementations patching a vulnerability it had already patched nine days ago on the LiveCycle Data Services application framework.
Tag Archives: Web Security
Endress+Hauser Patches Buffer Overflow In Dozens of ICS Products
There is a serious, remotely exploitable vulnerability in the Device Type Manager library used in a long list of industrial process automation and measurement products sold by German firm Endress+Hauser that can cause affected products to hang indefinitely.
CERT Warns of Hard-Coded Credentials in DSL SOHO Routers
DSL routers from a number of manufacturers contain hard-coded credentials that could allow a hacker to access the devices via telnet services and remotely control them.
AutoIt Used in Targeted Attacks to Move RATs
Researchers at Cisco spotted targeted attacks moving remote access Trojans via the AutoIt administration and scripting tool.
Github Mitigates DDoS Attack
Github said it turned back a distributed denial of service attack; it’s unknown whether this attack is related to a similar attack this March.
Charlie Miller to Leave Twitter Security Team
Charlie Miller, one of the more respected and accomplished security researchers in the industry, is leaving Twitter’s security team after three years. Miller said on Monday that he is leaving the company at the end of this week and that he plans to announce his new job next week. Miller joined Twitter in 2012, shortly […]
Court Rules FTC Has Authority to Punish Wyndham Over Breaches
In the latest installment of a long and winding court case related to multiple data beaches at Wyndham Worldwide several years ago, an appellate court has upheld the authority of the Federal Trade Commission to punish the hotel chain for lax security practices that allegedly led to the breaches. The decision by the United States Court of […]
AlienSpy RAT Resurfaces as JSocket
The dismantled AlientSpy remote access Trojan, the same malware found on the phone of dead Argentine prosecutor Alberto Nisman, has resurfaced with new crypto and a new name.
WordPress Compromises Behind Spike in Neutrino EK Traffic
A rash of compromised WordPress websites is behind this week’s surge in Neutrino Exploit Kit traffic
Facebook Updates Information-Sharing Platform
Facebook announced that its ThreatExchange information-sharing platform is closing in on 100 participants and has streamlined its application process.