5 ways to find and fix open source vulnerabilities

A recent discovery of surreptitious execution of cryptomining code by a sandboxed app, riding piggyback on the open source software (OSS) ecosystem, raises pertinent questions about open source vulnerabilities. Here are five ...
CVE-2018-0369: Yet Another High Severity Cisco Vulnerability

CVE-2018-0369: Yet Another High Severity Cisco Vulnerability

Yet another vulnerability, identified as CVE-2018-0369, in Cisco software has been patched. Rated severe, the flaw is described as an IPv4 Fragmentation vulnerability which could lead to a denial of service if ...
Ubuntu Local Authorization Bypass Bug Likely to Never Be Fixed?

Ubuntu Local Authorization Bypass Bug Likely to Never Be Fixed?

It was just reported that a bug filed on Ubuntu Launchpad (dubbed Local authorization bypass by using suspend mode) about a month ago has been confirmed by several users. The bug allows ...
Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007)

Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007)

Adobe has released the latest patch package that addresses a total of 112 vulnerabilities in all of their products, most of them concern the Acrobat and Reader applications. The updates to Flash ...
July 2018 Patch Tuesday Fixes CVE-2018-8281, Microsoft Office Bugs

July 2018 Patch Tuesday Fixes CVE-2018-8281, Microsoft Office Bugs

Another set of patches has been rolled by Microsoft in the form of July 2018 Patch Tuesday. The patch batch contains a total of 54 vulnerabilities of which 17 are rated critical ...
Spectre 1.1 Vulnerability

CVE-2018-3693: New Spectre 1.1 Vulnerability Emerges

The latest variant of the Spectre series of bugs have been discovered — the newest addition is the Spectre 1.1 vulnerability which is tracked under the CVE-2018-3693 security advisory. Like previous iterations ...

July Patch Tuesday – Critical browser patches, Lazy FP, Exchange, Adobe vulns

This month’s Patch Tuesday is medium in weight, with 54 CVEs containing 17 Criticals. All but two of the Critical vulnerabilities are in Microsoft’s browsers or browser-related technologies. An additional speculative execution ...
Arch Linux AUR Repository Found to Contain Malware

Arch Linux AUR Repository Found to Contain Malware

The Arch Linux user-maintained software repository called AUR has been found to host malware. The discovery was made after a change in one of the package installation instructions was made. This is ...
Stylish Extension Stole All Your Browsing History from Chrome and Firefox

Stylish Extension Stole All Your Browsing History from Chrome and Firefox

The Stylish extension used by many Mozilla Firefox and Google Chrome users has been removed from their plugin repositories due to security concerns. A dangerous privacy leak has been exposed by a ...
Loading...