Another day, another software supply chain exploit. This time, Zytel and D-Link have confirmed that their routers have the bug, but researchers think products from Netgear, TP-Link, Trendnet and other vendors are vulnerable. Already 90 plus products from more than 20 vendors have been potentially identified as vulnerable. Only TP-Link has announced a patch. The […]
Continue reading → [DISPLAY_ACURAX_ICONS]Following up on yesterday’s post on the time to detect hackers inside your systems, a new report today says that about half of the web sites of Retail and Healthcare businesses are always vulnerable, mostly because of slow remediation rates. WhiteHat Security’s report (see article) says that 47% of applications tested had cross site scripting […]
Continue reading → [DISPLAY_ACURAX_ICONS]Microsoft just patched a bug this month (see article) that potentially allows a hacker to take over your computer and for sure allows a hacker to crash it – repeatedly – all because they forgot to check for a carry overflow in an addition operation. It potentially affects 70 million web sites and is being […]
Continue reading → [DISPLAY_ACURAX_ICONS]For those of you who read the security news, you know that this last 12 months has brought an amazing number of SSL bugs to the surface (see a few of my blog posts here and here and here). Now iPhone and iPad users have their turn to deal with an SSL bug. The bug, […]
Continue reading → [DISPLAY_ACURAX_ICONS]Microsoft just published a critical patch for a 19 year old bug that dates back to Windows 95 and Internet Explorer 3.0. First the obvious – since it was still there after 19 years, all the testing that Microsoft and users have done on every version of windows back to and including Windows 95 did […]
Continue reading → [DISPLAY_ACURAX_ICONS]