Vulnerabilities news, information, and how-to advice

crime scence police tape
swarms of hackers

security camera safety equipment alarm wall mounted surveillance camera 000000156723

Report: Surveillance cameras most dangerous IoT devices in enterprise

Networked security cameras are the most likely to have vulnerabilities when it comes to securing Internet of Things devices in the enterprise, according to a new report.

adultfriendfinder screengrab

412 million FriendFinder accounts exposed by hackers

Six databases from FriendFinder Networks Inc., the company behind some of the world’s largest adult-oriented social websites, have been circulating online since they were compromised in October. LeakedSource, a breach notification...

microsoft surface book

Microsoft patches 68 vulnerabilities, two actively exploited ones

Microsoft has patched 68 vulnerabilities in Windows, Office, Edge, Internet Explorer and SQL Server, two of which have already been exploited by attackers in the wild and three that have been publicly disclosed.

Election 2016 teaser - Republican vs Democrat

Salted Hash Live Blog – Election Day 2016

Salted Hash will be providing continuous coverage of today’s election. This year’s election is one of the first in living memory where the topic of hacking isn’t just a passive subject – it’s a reality. Throughout 2016, someone (the...

broken silver key

Fraud and privacy problems on the blockchain

Enemy at the Gates post explaining blockchain vulnerabilities that open opportunities for fraud and describing privacy problems introduced by potential fraud countermeasures.

20160224 stock mwc smartphone user in suit

Hackers can abuse LTE protocols to knock phones off networks

The new Diameter protocol that LTE mobile networks use to communicate with each other can still be abused to launch attacks against users if operators don't take additional security measures, researchers showed.

wemo switch motion sensor smart plug

SQLi, XSS zero-days expose Belkin IoT devices, Android smartphones

Research director Scott Tenaglia and lead research engineer Joe Tanen detailed the vulnerabilities during their talk at the Black Hat Europe conference in London last Friday. The zero-day flaws specifically relate to Belkin’s smart...


Flaw in Wix website builder risked computer worm, a major website building provider, may have a significant bug on its hands. A vulnerability with the company's sites can potentially pave the way for a computer worm, warns a security researcher.

irobot roomba

How secure are home robots?

They have blinking lights and tend to chirp constantly. One of them can vacuum your living room carpet on a schedule. Another can play games with the kids using artificial intelligence. Yet, for homeowners (and security professionals)...

microsoft logo

Google discloses Windows zero-day, Microsoft argues disclosure ethics

On Monday, Google disclosed a zero-day vulnerability in Windows, which if exploited will enable an attacker to use it as a security sandbox escape. In response, Microsoft didn’t offer details on a fix, instead choosing to promote...

adobe flash player v10 icon

Emergency Flash Player patch fixes zero-day critical flaw

Adobe Systems released an emergency patch for Flash Player in order to fix a critical vulnerability that attackers are already taking advantage of.

Network servers

DomainTools suggests password changes after a vulnerable script leaks data

On Monday, DomainTools, an intelligence platform used by researchers around the globe, warned customers to change their passwords after a weekend incident correlated existing accounts with data previously exposed in some of this...

guilford county ems

Open Rsync server exposed EMS computers in Greensboro, NC

EMS computers in Guilford County, NC were exposed for an unknown length of time, because the server managing system updates was publicly available on the internet. The problem was discovered earlier this month by a researcher scanning...

linux tux mascot logo

Easy-to-exploit rooting flaw puts Linux computers at risk

The maintainers of Linux distributions are rushing to patch a privilege escalation vulnerability that's already being exploited in the wild and poses a serious risk to Linux based servers, desktops and other devices.

adultfriendfinder screengrab

Penthouse, Adult FriendFinder databases leak, at least 100 million accounts impacted

Databases recently obtained by LeakedSource, as well as source code, configuration files, certificate keys, and access control lists, point to a massive compromise at FriendFinder Networks Inc., the company behind...

20151027 oracle cloud on building

Oracle fixes 100s of vulnerabilities that put enterprise data at risk

Oracle has released another large batch of patches, fixing many critical vulnerabilities in enterprise products that are used to store and work with critical business data.

samsung pay mobile wallet nfc

Researcher unveils second Samsung Pay vulnerability

A security researcher has found a second vulnerability in Samsung Pay and plans to demonstrate it at a security conference next week in Argentina

sexy spy

Researcher says Adult Friend Finder vulnerable to file inclusion vulnerabilities

On Twitter Tuesday evening, a researcher known for exposing application flaws posted screenshots showing Local File Inclusion vulnerabilities on The incident marks the second time in just over a year that the...

Load More
You Might Also Like