reader comments 90 with 58 posters participating Share this story Dozens of radiology products from GE Healthcare contain a critical vulnerability that threatens the networks of hospitals and other health providers that use the devices, officials from the US government and a private security firm said on Tuesday. The devices—used for CT scans, MRIs, X-Rays,… Read More »
Enlarge / This image was the profile banner of one of the accounts allegedly run by the Internet Research Agency, the organization that ran social media “influence campaigns” in Russia, Germany, Ukraine, and the US dating back to 2009. A Russian troll reader comments 5 with 5 posters participating Share this story The National Security… Read More »
reader comments 33 with 33 posters participating Share this story Android apps with hundreds of millions of downloads are vulnerable to attacks that allow malicious apps to steal contacts, login credentials, private messages, and other sensitive information. Security firm Check Point said that the Edge Browser, the XRecorder video and screen recorder, and the PowerDirector… Read More »
Enlarge / That’s a lot of screen. Samuel Axon reader comments 144 with 106 posters participating Share this story Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device—over Wi-Fi, with no user interaction required… Read More »
reader comments 27 with 19 posters participating Share this story Attackers are targeting a recently patched Oracle WebLogic vulnerability that allows them to execute code of their choice, including malware that makes servers part of a botnet that steals passwords and other sensitive information. WebLogic is a Java enterprise application that supports a variety of… Read More »
reader comments 21 with 17 posters participating Share this story Cisco is rolling out fixes for three vulnerabilities in its Webex video-conference software that made it possible for interlopers to eavesdrop on meetings as a “ghost,” meaning being able to view, listen, and more without being seen by the organizer or any of the attendees.… Read More »
reader comments 18 with 15 posters participating Share this story Google’s project zero says that hackers have been actively exploiting a Windows zeroday that isn’t likely to be patched until almost two weeks from now. In keeping with long-standing policy, Google’s vulnerability research group gave Microsoft a seven-day deadline to fix the security flaw because… Read More »
reader comments 22 with 16 posters participating Share this story Hackers are scanning the Internet for machines that have yet to patch a recently disclosed flaw that force Oracle’s WebLogic server to execute malicious code, a researcher warned Wednesday night. Johannes Ullrich, dean of research at the SANS Technology Institute, said his organization’s honeypots had… Read More »
Getty Images reader comments 12 with 8 posters participating Share this story One of the most critical Windows vulnerabilities disclosed this year is under active attack by hackers who are trying to backdoor servers that store credentials for every user and administrative account on a network, a researcher said on Friday. Zerologon, as the vulnerability… Read More »
reader comments 41 with 26 posters participating, including story author Share this story Google and Intel are warning of a high-severity Bluetooth flaw in all but the most recent version of the Linux Kernel. While a Google researcher said the bug allows seamless code execution by attackers within Bluetooth range, Intel is characterizing the flaw… Read More »