Easy-to-exploit authentication bypass flaw puts Netgear routers at risk

Wednesday, February 1st, 2017

For the past half year Netgear has been working on fixing a serious and easy-to-exploit vulnerability in many of its routers. And it's still not done. While Netgear has worked to fix the issue, the list of affected router models increased to 30, of which only 20 have firmware fixes available ...

Widely used WebEx plugin for Chrome will execute attack code

Monday, January 23rd, 2017

The Chrome browser extension for Cisco Systems WebEx communications and collaboration service was just updated to fix a vulnerability that leaves all 20 million users susceptible to drive-by attacks that can be carried out by just about any website they visit. A combination of factors makes the vulnerabilities among the most ...

CERT advises users to ‘discontinue use’ of two Netgear routers due to major security flaw

Saturday, December 10th, 2016

In a major setback for Netgear, it appears that at least two of its high-end routers may contain a severe security flaw according to an advisory issued by CERT. The vulnerability itself is incredibly easy to leverage and simply relies upon accessing a specially crafted URL in the following format from ...

Mozilla and Tor release urgent update for Firefox 0-day under active attack

Wednesday, November 30th, 2016

Developers with both Mozilla and Tor have published browser updates that patch a critical Firefox vulnerability being actively exploited to deanonymize people using the privacy service. "The security flaw responsible for this urgent release is already actively exploited on Windows systems," a Tor official wrote in an advisory published Wednesday afternoon. ...

Major Linux security hole gapes open

Wednesday, November 16th, 2016

Sometimes Linux users can be smug about their system's security. And sometimes a major hole that's been hiding in Linux since about version 2.6 opens up and in you fall. The security hole this time is with how almost all Linux distributions implement Linux Unified Key Setup-on-disk-format (LUKS). LUKS is the ...