Read more about vulnerability
Bookmark and Share
  • Critical bug in WordPress plugin allows site hijacking

    08.08.2014

    A popular WordPress plugin that allows site owners to easily customize the contact form has a critical vulnerability that can be exploited to download and remotely modify the site's database, and gain access and control of the site - no account or authentication needed.

  • Prioritizing vulnerabilities to close gaps where it matters

    07.08.2014

    Core Security announced the latest version of the Core Attack Intelligence Platform, which consolidates, prioritizes and validates the overwhelming quantity of vulnerabilities identified by scanners.

  • DDoS attack volumes plummet as NTP servers got patched

    05.08.2014

    Wise to attackers’ exploitation of the Network Time Protocol (NTP) vulnerability to create distributed reflection denial of service (DrDoS) attacks, information security executives thwarted these types of amplified assaults by patching weaknesses or making upgrades in their systems associated with the protocol, causing an 86 percent drop in the peak bit volume of NTP DrDoS attacks to 59 gigabits per second (Gbps) in Q2 2014.

  • The weak links in an increasingly dynamic threat landscape

    05.08.2014

    The Cisco 2014 Midyear Security Report, released today at Black Hat, examines the “weak links” in organizations - outdated software, bad code, abandoned digital properties, or user errors - that contribute to the adversary’s ability to exploit vulnerabilities with methods such as DNS queries, exploit kits, amplification attacks, point-of-sale (POS) system compromise, malvertising, ransomware, infiltration of encryption protocols, social engineering and “life event” spam.

  • 0-days found in Symantec Endpoint Protection

    30.07.2014

    While testing of the systems and networks of a financial services company, a team of penetration testers from Offensive Security have unearthed a number of vulnerabilities, including three privilege escalation zero-day bugs affecting Symantec Endpoint Protection, the firm's security software of choice.




Spotlight

Successful strategies to avoid frequent password changes

Posted on 19 August 2014.  |  After a widespread, nonspecific data breach, the conventional wisdom is that people should change all their passwords. But, there’s a better way.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Aug 20th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //