Login
FreshRSS
Login
Secure Planet Training Courses Updated For 2019 - Click Here
Main stream
Favourites (0)
My labels
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
ICS-CERT Alert Feed
InfoSec Resources
Infosec Island Latest Articles
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The Hacker News
The Register - Security
The first stop for security news | Threatpost
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WIRED
WeLiveSecurity
ZDNet | security RSS
http://blog.trendmicro.com/feed
Tools
KitPloit - PenTest Tools!
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
PaperCut security vulnerabilities under active attack β vendor urges customers to patch
April 25
th
2023 at 17:53Β
PaperCut security vulnerabilities under active attack β vendor urges customers to patch
By:
Paul Ducklin
If you have the product, but you haven't patched - well, the crooks have now landed, so please don't delay. Do it today...
π·οΈ
My labels
β
Article tags
β
Vulnerability
CVE-2023-27350
CVE-2023-27351
Exploit
PaperCut
rce
vulnerability
April 25
th
2023 at 17:53
Naked Security
Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads
April 10
th
2023 at 20:20Β
Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads
By:
Paul Ducklin
That double-whammy Apple browser-to-kernel spyware bug combo we wrote up last week? Turns out it applies to all supported Macs and iDevices - patch now!
π·οΈ
My labels
β
Article tags
β
Apple
iOS
OS X
Vulnerability
Exploit
kernel bug
rce
spyware
April 10
th
2023 at 20:20
Naked Security
WooCommerce Payments plugin for WordPress has an admin-level hole β patch now!
March 24
th
2023 at 17:48Β
WooCommerce Payments plugin for WordPress has an admin-level hole β patch now!
By:
Paul Ducklin
Admin-level holes in websites are always a bad thing... and for "bad", read "worse" if it's an e-commerce site.
woo-1200
π·οΈ
My labels
β
Article tags
β
Data loss
Privacy
Vulnerability
vulnerability
WooCommerce
Wordpress
March 24
th
2023 at 17:48
Naked Security
Dangerous Android phone 0-day bugs revealed β patch or work around them now!
March 17
th
2023 at 17:56Β
Dangerous Android phone 0-day bugs revealed β patch or work around them now!
By:
Paul Ducklin
Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation.
π·οΈ
My labels
β
Article tags
β
Android
Google
Samsung
Vulnerability
Patches
rce
vulnerability
March 17
th
2023 at 17:56
Naked Security
Popular JWT cloud security library patches βremoteβ code execution hole
January 10
th
2023 at 17:59Β
Popular JWT cloud security library patches βremoteβ code execution hole
By:
Paul Ducklin
It's remotely triggerable, but attackers would already have pretty deep network access if they could "prime" your server for compromise.
π·οΈ
My labels
β
Article tags
β
Cryptography
Vulnerability
JSON
jsonwebtoken
JWT
rce
vulnerability
January 10
th
2023 at 17:59
Naked Security
Credit card skimming β the long and winding road of supply chain failure
December 8
th
2022 at 17:58Β
Credit card skimming β the long and winding road of supply chain failure
By:
Paul Ducklin
Don't keep calling home to a JavaScript server that closed its doors eight years ago!
π·οΈ
My labels
β
Article tags
β
Data loss
Malware
Privacy
Cockpit
e-commerce
HTML injection
skimming
December 8
th
2022 at 17:58
Naked Security
Slack admits to leaking hashed passwords for five years
August 8
th
2022 at 15:14Β
Slack admits to leaking hashed passwords for five years
By:
Paul Ducklin
"When those invitations went out... somehow, your password hash went out with them."
π·οΈ
My labels
β
Article tags
β
Cryptography
Data loss
brute force
crack
dictionary attack
hashing
password
salt
Slack
August 8
th
2022 at 15:14
Naked Security
βVMware Spring Cloud Functionβ Java bug gives instant remote code execution β update now!
March 30
th
2022 at 20:38Β
βVMware Spring Cloud Functionβ Java bug gives instant remote code execution β update now!
By:
Paul Ducklin
Easy unauthenticated remote code execution - PoC code already out
π·οΈ
My labels
β
Article tags
β
Uncategorized
CVE-2022-22963
Java
Log4She;;
SPEL
Spring
Spring Cloud
Spring Expression Resource
March 30
th
2022 at 20:38
Naked Security
Apple patches 87 security holes β from iPhones and Macs to Windows
March 15
th
2022 at 16:36Β
Apple patches 87 security holes β from iPhones and Macs to Windows
By:
Paul Ducklin
Lots of fixes, with data leakage flaws and code execution bugs patched on iPhones, Macs and even Windows.
apple-1200
π·οΈ
My labels
β
Article tags
β
Apple
iOS
OS X
Privacy
Vulnerability
Windows
cve
Exploit
Patch
rce
March 15
th
2022 at 16:36
Naked Security
Apple fixes Safari data leak (and patches a zero-day!) β update now
January 27
th
2022 at 21:09Β
Apple fixes Safari data leak (and patches a zero-day!) β update now
By:
Paul Ducklin
That infamous "supercookie" bug in Safari has now been fixed. Oh, and there was a zero-day kernel hole as well.
apple-1200
π·οΈ
My labels
β
Article tags
β
Apple
iOS
OS X
Privacy
Vulnerability
Exploit
ios
iPhone
macOS
Patch
rce
January 27
th
2022 at 21:09
Naked Security
βLog4Shellβ Java vulnerability β how to safeguard your servers
December 10
th
2021 at 16:22Β
βLog4Shellβ Java vulnerability β how to safeguard your servers
By:
Paul Ducklin
Just when you thought it was safe to relax for the weekend... a critical bug showed up in Apache's Log4j product
π·οΈ
My labels
β
Article tags
β
Vulnerability
Apache
CVE-2021-44228
Exploit
Java
Log4Shell
LOGJAM
rce
December 10
th
2021 at 16:22
There are no more articles
β
Mark all as read