Software Vulnerabilities April 21, 2015 CVE-2015-1097: Deobfuscating iOS Kernel Pointers With an IBM X-Force-Discovered Vulnerability 4 min read - IBM's X-Force Application Security Research Team has discovered a memory disclosure vulnerability in iOS IOKit IOMobileFrameBuffer.
April 17, 2015 Dropbox Bounty: Big Bucks for Bugs? 2 min read - The new Dropbox bounty program looks to catch software vulnerabilities in their infancy by rewarding researchers. So far, payouts have no maximum.
April 17, 2015 SearchBlox Vulnerabilities Underscore the Importance of Updating Enterprise Search Tools 2 min read - A set of four SearchBlox vulnerabilities could allow cybercriminals to conduct cross-site scripting attacks and cause other potential problems.
April 16, 2015 Bee in Your Botnet: AAEH Disrupted by Law Enforcement Sting 2 min read - A joint international task force has disrupted the Beebone botnet (AAEH), but are users really safe from this type of polymorphic malware?
April 15, 2015 Redirect to SMB Vulnerability: 18-Year-Old Flaw Morphs Into Huge Threat to Windows Machines 2 min read - Researchers say an old SMB vulnerability in Windows can be used to steal login credentials and take over some systems entirely using malicious URLs.
April 13, 2015 WordPress Plugin Vulnerability Puts an Estimated 1 Million Sites at Risk of XSS Attacks 2 min read - A WordPress plugin vulnerability related to WP Super Cache could let cybercriminals create back doors, add new administrators or worse, experts say.
April 9, 2015 Security Flaw Pushes Mozilla to Disable Firefox Opportunistic Encryption Capability 2 min read - According to Mozilla, it has disabled its Firefox opportunistic encryption capability after a security flaw that allowed for MitM attacks was discovered.
April 8, 2015 The 10 Most Common Application Attacks in Action 4 min read - Based on OWASP's list of the 10 most common application attacks, IBM has created a video series highlighting each one and how organizations can stay safe.
April 7, 2015 BitTorrent Vulnerability Discovered as Sync Service Exits Beta 2 min read - A research advisory suggests cybercriminals could have exploited a BitTorrent vulnerability to include executable code via URLs in its Sync service.
April 6, 2015 Determining the Responsibility of a Vulnerability Disclosure 3 min read - When it comes to reporting a vulnerability disclosure, there are many discussions happening about what is right and what is "responsible."