Vulnerability News and Articles

Security Microsoft

Microsoft's Patch Tuesday fixes zero-day exploit and privilege escalation vulnerability

VBScript engine allowed for arbitrary code execution

By Greg Synek, May 9, 2018, 12:02 PM

Security Microsoft

Microsoft patches critical Malware Protection Engine flaw

An attacker could take control of a system and inflict all sorts of harm

By Shawn Knight, April 4, 2018, 12:45 PM 5 comments

Hardware Security

Intel won't patch Spectre v2 flaw in older processors

Some legacy users will be left out in the cold

By Shawn Knight, April 4, 2018, 10:44 AM 5 comments

Security Hardware

AMD Ryzen and EPYC platforms at risk: More than a dozen critical security flaws discovered

Is this AMD's version of Spectre / Meltdown flaws?

By Shawn Knight, March 13, 2018, 11:10 AM 69 comments

Security

Tinder flaw let anyone log into your account with just a phone number

Both vulnerabilities have since been patched

By Shawn Knight, February 21, 2018, 6:16 PM

Security

Cisco issues critical vulnerability alert for devices using WebVPN

Patched software has been issued

By Cal Jeffrey, January 30, 2018, 5:26 PM

Industry Security

Intel says 90 percent of CPUs have "received" Spectre and Meltdown patch (which is not the same as having it applied)

Major progress has been made but Intel admits there is still much room for improvement

By William Gayde, January 18, 2018, 4:36 PM 8 comments

Security

Vulnerability in virtual reality porn app exposes details of 20,000 users

Thankfully for fans of VR porn, it's now been fixed

By Rob Thubron, January 17, 2018, 6:11 AM 3 comments

Security

Intel AMT security hole lets hackers take control of corporate laptops

Another Intel flaw for attackers to exploit

By Cal Jeffrey, January 12, 2018, 3:43 PM 11 comments

Security Hardware

Western Digital My Cloud drives have a built-in backdoor

Remote access of files is possible

By Greg Synek, January 5, 2018, 12:01 PM 21 comments

Security The Web

Wi-Fi weakness KRACK disclosed, affecting nearly every connected device

Patches are rolling out now from major vendors

By Shawn Knight, October 16, 2017, 5:58 PM 7 comments

Apple Security

Some Mac users at risk of password theft after 0-day vulnerability discovered

The bug was reported to Apple weeks ago but they did not fix it before launch

By William Gayde, September 26, 2017, 12:31 AM 4 comments

The Web Security

Equifax blames hack on vulnerability that they failed to patch

The patch had been available for two months prior to the attack

By William Gayde, September 14, 2017, 2:00 PM 13 comments

Security

Security flaw in widely used third-party toolkit leaves millions of IoT devices vulnerable

By Shawn Knight, July 19, 2017, 2:40 PM 4 comments

Hardware Security

Security flaw found in solid-state drive design

HDDs do have their strengths after all

By Cal Jeffrey, May 23, 2017, 11:45 AM 16 comments

Hardware Security

Intel patches security vulnerability that's existed for nearly a decade

By Shawn Knight, May 1, 2017, 7:09 PM 8 comments

Industry Security

WikiLeaks plans release of CIA hacking tools to private tech companies

Assange to release hacking tools to tech companies affected by CIA arsenal

By William Gayde, March 10, 2017, 1:38 AM 16 comments

Software Security

Alleged backdoor discovered in WhatsApp could allow governments to read encrypted messages

Some say it's a backdoor, WhatsApp calls it a concession

By William Gayde, January 13, 2017, 6:00 PM 28 comments

Security

Experts warn Netgear router users to unplug the devices after discovering unpatched bug

Multiple models are vulnerable to the command-injection vulnerability

By Rob Thubron, December 13, 2016, 6:15 AM 8 comments

Microsoft Security

Microsoft patches critical Windows vulnerability exposed by Google

By Tim Schiesser, November 8, 2016, 7:00 PM 5 comments

Security

Johnson & Johnson notifies patients of insulin pump vulnerability

By Shawn Knight, October 5, 2016, 2:45 PM 4 comments

Google Security

Google launches Project Zero Prize hacking contest, winner to receive $200,000

By Shawn Knight, September 14, 2016, 11:45 AM

Apple Security

Rare iOS spyware caught in the wild exploiting three zero-day flaws

By Shawn Knight, August 25, 2016, 6:00 PM 4 comments

Microsoft Security

20-year-old Print Spooler flaw exposes all Windows versions to malware

By Jose Vilches, July 14, 2016, 9:30 AM 7 comments

Security Google

Security researcher easily circumvents full disk encryption used by millions of Android devices

By Shawn Knight, July 1, 2016, 5:45 PM 3 comments