Login
FreshRSS
Login
About FreshRSS
Main stream
Favourites (0)
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
http://blog.trendmicro.com/feed
ICS-CERT Alert Feed
Infosec Island Latest Articles
InfoSec Resources
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The first stop for security news | Threatpost
The Hacker News
The Register - Security
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WeLiveSecurity
WIRED
ZDNet | security RSS
Tools
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
βVMware Spring Cloud Functionβ Java bug gives instant remote code execution β update now!
March 30
th
2022 at 20:38Β
βVMware Spring Cloud Functionβ Java bug gives instant remote code execution β update now!
By
Paul Ducklin
Easy unauthenticated remote code execution - PoC code already out
Related tags
β
Uncategorized
CVE-2022-22963
Java
Log4She;;
SPEL
Spring
Spring
Cloud
Spring
Expression
Resource
March 30
th
2022 at 20:38
Naked Security
Google Chrome patches mysterious new zero-day bug β update now
March 28
th
2022 at 14:18Β
Google Chrome patches mysterious new zero-day bug β update now
By
Paul Ducklin
CVE-2022-1096 - another mystery in-the-wild 0-day in Chrome... check your version now!
Related tags
β
Google
Google
Chrome
chrome
Chromium
CVE-2022-1096
Exploit
Zero
Day
March 28
th
2022 at 14:18
Naked Security
OpenSSL patches infinite-loop DoS bug in certificate verification
March 18
th
2022 at 17:59Β
OpenSSL patches infinite-loop DoS bug in certificate verification
By
Paul Ducklin
When it comes to writing loops in your code... never sit on the fence!
Related tags
β
Cryptography
Vulnerability
CVE-2022-0778
DOS
openssl
ormandy
vulnerability
March 18
th
2022 at 17:59
Naked Security
S3 Ep73: Ransomware with a difference, dirty Linux pipes, and much more [Podcast + Transcript]
March 10
th
2022 at 19:37Β
S3 Ep73: Ransomware with a difference, dirty Linux pipes, and much more [Podcast + Transcript]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Podcast
adafruit
CVE-2022-0847
Cybercrime
Dirty
Pipe
Firefox
hacking
Linux
Mozilla
Naked
Security
Podcast
NVIDIA
ransomware
March 10
th
2022 at 19:37
Naked Security
βDirty Pipeβ Linux kernel bug lets anyone write to any file
March 8
th
2022 at 19:37Β
βDirty Pipeβ Linux kernel bug lets anyone write to any file
By
Paul Ducklin
Even read-only files can be written to, leading to a dangerously general purpose elevation-of-privilege attack.
pipe-1200
Related tags
β
Android
Google
Linux
Vulnerability
CVE-2022-0847
EoP
file
overwrite
kernel
splice
vulnerability
March 8
th
2022 at 19:37
Naked Security
WordPress backup plugin maker Updraft says βYou should updateββ¦
February 22
nd
2022 at 17:26Β
WordPress backup plugin maker Updraft says βYou should updateββ¦
By
Paul Ducklin
A straight-talking bug report written in plain English by an actual expert - there's a teachable moment in this cybersecurity story!
Related tags
β
Vulnerability
CVE-2022-23303
data
leak
Updraft
vulnerability
Wordpress
February 22
nd
2022 at 17:26
Naked Security
Google announces zero-day in Chrome browser β update now!
February 15
th
2022 at 19:17Β
Google announces zero-day in Chrome browser β update now!
By
Paul Ducklin
Zero-day buses: none for a while, then three at once. Here's Google joining Apple and Adobe in "zero-day week"
Related tags
β
Google
Google
Chrome
Microsoft
Edge
Vulnerability
chrome
Chromium
CVE-2022-0609
Zero
Day
February 15
th
2022 at 19:17
Naked Security
Adobe fixes zero-day exploit in e-commerce code: update now!
February 14
th
2022 at 22:38Β
Adobe fixes zero-day exploit in e-commerce code: update now!
By
Paul Ducklin
There's a remote code execution hole in Adobe e-commerce products - and cybercrooks are already exploiting it.
Related tags
β
Adobe
Vulnerability
CVE-2022-24086
Exploit
vulnerability
Zero
Day
February 14
th
2022 at 22:38
Naked Security
Apple zero-day drama for Macs, iPhones and iPads β patch now!
February 11
th
2022 at 14:25Β
Apple zero-day drama for Macs, iPhones and iPads β patch now!
By
Paul Ducklin
Sudden update! Zero-day browser hole! Drive-by malware danger! Patch Apple laptops and phones now...
apple-1200
Related tags
β
Apple
iOS
OS
X
Vulnerability
CVE-2022-22620
iPad
iPhone
macOS
vulnerability
February 11
th
2022 at 14:25
Naked Security
Linux kernel patches βperformance can be harmfulβ bug in video driver
February 1
st
2022 at 19:59Β
Linux kernel patches βperformance can be harmfulβ bug in video driver
By
Paul Ducklin
This bug is fiendishly hard to exploit - but if you patch, it won't be there to exploit at all.
Related tags
β
Data
loss
Vulnerability
CVE-2022-0330
drm/i915
Linux
February 1
st
2022 at 19:59
Naked Security
Wormable Windows HTTP hole β what you need to know
January 12
th
2022 at 16:24Β
Wormable Windows HTTP hole β what you need to know
By
Paul Ducklin
One bug in the January 2022 Patch Tuesday list is getting lots of attention: "HTTP Protocol Stack Remote Code Execution Vulnerability".
Related tags
β
Microsoft
Vulnerability
CVE-2022-21907
http
HTTP.sys
IIS
Patch
Tuesday
worm
January 12
th
2022 at 16:24
There are no more articles
β
Mark all as read