Vulnerabilities

Vulnerabilities news, information, and how-to advice

ethernet cables internet networking
man leaning on box of office belongings after being fired or laid off

backlit keyboard

How to handle security vulnerability reports

There are people out there willing to help with your company’s security issues. Isn’t it time your company had its own ‘see something, say something’ policy?

plastic soldiers

Report: Attacks based on open source vulnerabilities will rise 20 percent this year

As open source code becomes more prevalent in both commercial and home-grown applications, the number of attacks based on its vulnerabilities will increase by 20 percent this year, predicted Black Duck Software, which collects...

servers network

Dangerous assumptions that put enterprises at risk

Trusting that the solutions won't fail and users won't click could lead to a breach

FTC website

FTC goes after D-Link for security problems

The Federal Trade Commission (FTC) filed a complaint on Thursday against Taiwan’s D-Link and its U.S. subsidiary, D-Link Systems, Inc., alleging the company has put consumer privacy at risk with inadequate security measures.

eu civil protection exercise

In 2017, real action on cybersecurity will happen after loss of life

Post describing the possibility of a hybrid terrorist attack involving a conventional, real-world component amplified by a simultaneous distributed denial of service attack directed at first responder computing infrastructure.

bug bounty

Why companies offer a hacking bounty -- and why there are challenges

Want to make a cool $20,000? All you have to do is hack the Nintendo 3DS, a handheld console that’s been out for a few years already. A listing on HackerOne spells everything out. There’s a range for this, of course -- some...

ransomware data laptop

Exposed MongoDB installs being erased, held for ransom

Security researcher Victor Gevers, co-founder of the GDI Foundation, a non-profit dedicated to making the internet safer, is urging administrators to check their MongoDB installations, after finding nearly two hundred of them wiped...

2016 software predictions

Yogi Berra was never in the cybersecurity business

It's tough to make predictions, especially about the future. Except one: Your company will get hacked in 2017. Cyberattacks are so common and so discrete that it's virtually a sure thing that hackers will at least probe, and probably...

Network servers

Nearly half of all websites pose security risks

According to a new study of the top one million domains, 46 percent are running vulnerable software, are known phishing sites, or have had a security breach in the past twelve months.

nighthawk-family

Netgear working to fix flaw that left thousands of devices open to attack

A remotely exploitable vulnerability in the Nighthawk line of Netgear routers was disclosed on Friday. The flaw leaves customers exposed to having their connections hijacked, as someone exploiting the vulnerability can take complete...

crime scence police tape

2016: A reflection of the year in cybercrime

A look back at 2016 predictions in cyber crime and how it all actually played out.

swarms of hackers

Cybersecurity woes can be remedied through decentralization

France recently announced the creation of a single database to store information on 60 million holders of French identity cards and passports. The 2014 hack of the Office of Personnel Management demonstrates why this is a very bad...

security camera safety equipment alarm wall mounted surveillance camera 000000156723

Report: Surveillance cameras most dangerous IoT devices in enterprise

Networked security cameras are the most likely to have vulnerabilities when it comes to securing Internet of Things devices in the enterprise, according to a new report.

adultfriendfinder screengrab

412 million FriendFinder accounts exposed by hackers

Six databases from FriendFinder Networks Inc., the company behind some of the world’s largest adult-oriented social websites, have been circulating online since they were compromised in October. LeakedSource, a breach notification...

microsoft surface book

Microsoft patches 68 vulnerabilities, two actively exploited ones

Microsoft has patched 68 vulnerabilities in Windows, Office, Edge, Internet Explorer and SQL Server, two of which have already been exploited by attackers in the wild and three that have been publicly disclosed.

Election 2016 teaser - Republican vs Democrat

Salted Hash Live Blog – Election Day 2016

Salted Hash will be providing continuous coverage of today’s election. This year’s election is one of the first in living memory where the topic of hacking isn’t just a passive subject – it’s a reality. Throughout 2016, someone (the...

broken silver key

Fraud and privacy problems on the blockchain

Enemy at the Gates post explaining blockchain vulnerabilities that open opportunities for fraud and describing privacy problems introduced by potential fraud countermeasures.

20160224 stock mwc smartphone user in suit

Hackers can abuse LTE protocols to knock phones off networks

The new Diameter protocol that LTE mobile networks use to communicate with each other can still be abused to launch attacks against users if operators don't take additional security measures, researchers showed.

Load More