Saturday, September 23, 2017
           (757) 873-6707                     Monday - Friday, 9 am - 5:30pm
Joomla Patches Eight-Year-Old LDAP Injection Vulnerability Joomla on Tuesday patched a critical LDAP injection vulnerability that had lingered in the content management system for eight years. Attackers could use this bug to steal admin login credentials.
What Triggers HTTPS Chrome Browser Warnings? Researchers combed through 2,000 Chrome error reports to better classify HTTPS error warnings.
Malware Steals Data From Air-Gapped Network via Security Cameras Proof-of-concept malware called aIR-Jumper can be used to bypass air-gapped network protections and send data in and out of network.
iOS 11 Update includes Patches for Eight Vulnerabilities Apple released a number of patches, including a security update for iOS 11, which is available today.

Latest News

Pirate Bay Spotted Hosting Monero Cryptocurrency Miner

A cryptocurrency miner surfaced on The Pirate Bay for a day over the weekend.

Rogue WordPress Plugin Allowed Spam Injection

A rogue version of the WordPress plugin called “Display Widget” allowed third-parties to injecting spam advertising content into victims’ sites.

VMware Patches Bug That Allows Guest to Execute Code on Host

Users who run four different types of VMware products, ESXi, vCenter Server, Fusion and Workstation, are being encouraged to update to address a series of vulnerabilities, one critical.

Equifax Confirms March Struts Vulnerability Behind Breach

Equifax divulged on Wednesday that the culprit behind this summer's breach of 143 million Americans was an Apache Struts vulnerability, CVE-2017-5638, patched back in March.

Premium SMS Malware ‘ExpensiveWall’ Infects Millions of Android Devices

Google has ejected 50 apps from its Google Play store that were harboring mobile malware dubbed ExpensiveWall.

Thousands of Elasticsearch Servers Hijacked to Host PoS Malware

Over 4,000 insecure Elasticsearch servers have been hosting the point-of-sale malware Alina and JackPoS.

Zerodium Offering $1M for Tor Browser Zero Days

Exploit acquisition vendor Zerodium said Wednesday it will pay up to $1M for an unknown Tor Browser zero day.

Microsoft Patches .NET Zero Day Vulnerability in September Update

Microsoft fixes 25 critical vulnerabilities including one zero day under attack and one tied to the high-profile BlueBorne attack vector.

Adobe Fixes Eight Vulnerabilities in Flash, RoboHelp, ColdFusion

Adobe fixed eight vulnerabilities across three products, Flash Player, RoboHelp for Windows, and ColdFusion, as part of its September Patch Tuesday updates.

FreeXL Library Fixes Two Remote Code Execution Vulnerabilities

Researchers warned Monday of two remote code execution vulnerabilities in FreeXL that could let an attacker execute code with local user privileges.