Security news that informs and inspires

Archive

37 results for tag Vulnerability:

Palo Alto Fixes Critical Authentication Bypass Flaw

Palo Alto Networks has patched a critical flaw in many of its products that support SAML-based authentication for SSO.

Vulnerability

Flaw in Plug-and-Play Protocol Exposes Devices to Data Theft, DDoS Attacks

Billions of network-connected devices, such as printers, routers, smart TVs, and video game consoles, are open to attack via the CallStranger vulnerability in the Universal Plug and Play (UPnP) protocol.

Networking, Vulnerability

NSA Warns Russian Attackers are Exploiting Old Exim Flaw

The Sandworm team, associated with the Russian GRU, is exploiting a flaw in the Exim mail transfer agent, the NSA warned in a new advisory.

Vulnerability, Government

GitHub Expands Scanning to Find Security Flaws in Code

The goal for secure software isn’t to never have vulnerabilities, but to be able to find vulnerabilities as soon as possible so that they can be fixed. GitHub has expanded its code scanning capabilities to make it easier for developers to identify flaws in projects that are managed on its platform.

Open Source, Github, Vulnerability, Appdev

Cisco Fixes Kerberos Authentication Bypass Bug in ASA Software

Cisco has patched a dangerous flaw in its Adaptive Security Appliance Software that could allow an attacker to bypass authentication when Kerberos is enabled.

Vulnerability