October 31, 2016 Windows Atom Tables Could Blow Up Security, Researchers Say 2 min read - Researchers from enSilo may have too much time on their hands: Instead of putting out fires, they came up with a method to nuke Windows security. To make it worse, this attack vector cannot be patched because of how it…
Risk Management October 7, 2016 ASN.1 Compiler Causes a Network Vulnerability 4 min read - Researchers discovered a flaw in the ASN1C compiler produced by Objective Systems, Inc. It could lead to a dangerous network vulnerability.
Software Vulnerabilities September 27, 2016 Shellshock Anniversary: Major Security Flaw Still Going Strong 5 min read - As if to celebrate its two-year anniversary, Shellshock, one of the most infamous bugs of 2014, ramped up its activity in September.
September 13, 2016 Portable Problems? New Vulnerability Report Sparks Hacker Hunt 2 min read - A vulnerability report is designed to alert vendors of potential security issues, but it can also help cybercriminals identify weak spots to attack.
Endpoint September 1, 2016 Undocumented Patched Vulnerability in Nexus 5X Allowed for Memory Dumping via USB 3 min read - The IBM X-Force Application Security Research Team discovered a previously undocumented vulnerability in older versions of Nexus 5X's Android images.
Software Vulnerabilities August 31, 2016 Want Fries With Your EXTRABACON or EPICBANANA? Cisco Addresses Two New Vulnerabilities 3 min read - Cisco recently addressed two exploits that sound more like delicious drive-thru menu items than dangerous security risks: EXTRABACON and EPICBANANA.
August 26, 2016 BTS Stations Are at Risk, Researchers Find 2 min read - BTS stations that run on the most popular open source BTS software are vulnerable to cyberattacks because they share the same transceiver code base.
August 18, 2016 Proxy Connects Show Evidence of a Software Vulnerability 2 min read - A security researcher recently discovered a software vulnerability that allows attackers to exploit the way applications respond to HTTP CONNECT requests.
Mainframe August 5, 2016 Protecting Your Network Through Understanding DNS Requests 3 min read - Sometimes it just takes a little common sense and knowledge of your system log files and the DNS requests contained therein to detect a data breach.
Software Vulnerabilities July 29, 2016 Read From PDF, Write to Edge’s Memory (CVE-2016-0117) 3 min read - CVE-2016-0117 can be exploited to perform an arbitrary write to Edge's content process memory, a critical element for remote code execution.