Hot Topics

responsible disclosure

Securing Networks: Addressing pfSense Vulnerabilities

| | command injection, CVE-2023-42325, CVE-2023-42326, CVE-2023-42327, Cybersecurity, Cybersecurity Best Practices, Cybersecurity News, Digital Threats, firewall, Microsoft Visual Studio Code, mitigation, Netgate, network infrastructure, Network Security, npm integration, Patch Tuesday updates, patching, pfsense, pfSense CE, pfSense Plus, proactive security measures, Remote Code Execution, resolution, responsible disclosure, security risks, Sonar, Vulnerabilities, XSS
In recent findings by Sonar, critical security vulnerabilities have emerged within the widely-used open-source Netgate pfSense firewall solution, potentially exposing susceptible appliances to unauthorized command execution. These pfSense vulnerabilities, comprising two reflected ...
TuxCare
Google Pixel Can be Unlocked via SIM Swap (Other Android Phones, Too)

Google Pixel Can be Unlocked via SIM Swap (Other Android Phones, Too)

| | android, AOSP, Bug Bounties, bug bounty, bug bounty program, CVE-2022-20465, David Schütz, Google Pixel, lockscreen, puk, responsible disclosure, SB Blogwatch, Sounds like an excellent exploit designed by Google to assist law enforcement, Vulnerability Disclosure
A Hungarian researcher found a nasty Android security bug: Malicious people can unlock your phone ...
Security Boulevard
BlackBerry QNX Vulnerability Highlights Lurking Issues with IOT Security

BlackBerry QNX Vulnerability Highlights Lurking Issues with IOT Security

| | Automotive, BadAlloc, blackberry, BlackBerry QNX, Embedded Systems, enterprise security, Exploits, healthcare, Internet, Internet of things, iot, Real-Time Operating System, Remote Code Execution, responsible disclosure, risk management, Software Security, Vulnerabilities, vulnerability
BlackBerry revealed that its QNX operating system is vulnerable to the BadAlloc flaw revealed earlier this year. QNX is an embedded systems operating system that can be found in hundreds of millions ...
Blog
Feds Propose ‘911’ Emergency Call for Reporting Security Flaws; Experts Warn It’s Easier Said Than Done

Feds Propose ‘911’ Emergency Call for Reporting Security Flaws; Experts Warn It’s Easier Said Than Done

| | 9/11, bug bounty, bug bounty program, cisa, Department of Homeland Security, directive, Federal, government, Industry News, responsible disclosure, vulnerability, Vulnerability Disclosure
CISA drafts directive to create a vulnerability disclosure policy for government websites and apps Agency seeks to centralize the effort via a standard vulnerability disclosure platform service next spring Cybersecurity veteran Katie ...
HOTforSecurity
AMD downplays CPU flaw discovery, says hackers would need admin rights anyway

AMD downplays CPU flaw discovery, says hackers would need admin rights anyway

| | AMD, AMD processor, cpu vulnerability, Industry News, processor vulnerability, responsible disclosure, responsible disclosure program, security bloggers network
Semiconductor giant AMD said today that attackers wouldn’t likely abuse the vulnerabilities recently found in its products: they would need administrative access, and that kind of access would allow for far more ...
HOTforSecurity

Responsible Disclosure: Your Security Stance for Ethical Hackers

| | responsible disclosure
Vulnerabilities and misconfigured systems are common examples why a company would obtain a spot in the news headlines. While some big companies are showing off their bounty programs, others provide their security ...
The Next CISO