A flaw in X.Org is exploitable with a tweet sized attack.
https://lists.x.org/archives/xorg-announce...
Read More
The "Man that was a hell of a flu bug" edition. Stay healthy, everyone.
SSH bypass by ... wai...
Read More
Authentication bypass vulnerability in Western Digital My Cloud allows escalation to admin privilege...
Read More
The "Wow, it's been a busy month" edition.
Apple took "Adware Doctor" out of the store becaus...
Read More
MWR Labs describes use of HTTP Referer headers to execute DNS rebinding attacks on AWS-hosted a...
Read More
Mazen Ahmed write an exploit for the new Struts CVE.
https://github.com/mazen160/struts-pwn_CVE-2018...
Read More
Big, big news out of Portswigger this week. I'm a huge fan of OWASP ZAP, and use it daily, but...
Read More
Trend Micro found a really interesting use-after-free vulnerability in the VBScript engine in IE.&nb...
Read More
Interesting idea - introducing bugs to make software more difficult to attackers to navigate. ...
Read More
Reddit Breach Highlights Limits of SMS-Based Authentication
https://krebsonsecurity.com/2018/08/redd...
Read More
Venmo, a social payment system, defaults to public disclosure of payments made on the system.
https:...
Read More
It has come to my attention that one of Paul Asadoorian's Security Weekly broadcasts is titled Appli...
Read More