Facebook’s CSRF Vulnerability Allows Attackers To Hijack Accounts
A fatal cross-site request forgery (CSRF) vulnerability on Facebook was discovered by a security researcher, and interestingly it allowed hackers to take over Facebook...
Tagged: vulnerability
Privilege Escalation Vulnerability Found in LG Device Manager
A privilege escalation vulnerability that allows attackers to elevate permissions to SYSTEM has been found in the LG Device Manager application provided by the...
Exploit Code Published for Recent Container Escape Vulnerability
Proof-of-concept (PoC) code is now publicly available for a recently disclosed container escape vulnerability impacting popular cloud platforms, including AWS, Google Cloud, and numerous...
CSRF Vulnerability in Facebook Earns Researcher $25,000
A researcher says he received a $25,000 bounty from Facebook after he discovered a critical cross-site request forgery (CSRF) vulnerability that could have been...
Many ICS Vulnerability Advisories Contain Errors: Report
Roughly one-third of the ICS-specific vulnerability advisories published in 2018 contained basic factual errors, including when describing and rating the severity of a flaw,...
Australian Senate votes to replace systemic weakness and vulnerability definitions in encryption laws
The first of Labor’s dumped amendments when it waved through Australia’s encryption laws in December has succeeded, and will see the contentious definitions of...
SAP Patches Critical Vulnerability in HANA XSA
SAP this week released its February 2019 set of security fixes, to address over a dozen vulnerabilities across its product portfolio, including a Hot...
Attackers Gain Root Access on Linux Systems via Dirty Sock Vulnerability
An article on ZedNet reads how a security researcher published proof-of-concept (PoC) code for a vulnerability impacting Ubuntu and other Linux distros. Canonical, the...
Micropatch released for Adobe Reader zero-day vulnerability
A micropatch has been made available to resolve a zero-day vulnerability impacting Adobe Reader which could lead to the theft of hashed password values....
Tenable Adds ‘Predictive Prioritization’ to Vulnerability Management Offering
Tenable on Monday announced the general availability of a new service designed to help organizations identify the vulnerabilities that have the highest likelihood of...