Tech support scams persist with increasingly crafty techniques

Note: Our Tech support scams FAQ page has the latest info on this type of threat, including scammer tactics, fake error messages, and the latest scammer hotlines. You can also read our latest blog, New tech support scam launches communication or phone call app. Millions of users continue to...

SAP Patches Critical HANA Vulnerability That Allowed Full Access

SAP patched a series of critical vulnerabilities in its cloud-based business platform HANA today that if exploited, could allow for a full system compromise without authentication. When chained together the flaws could lead to the theft of confidential information, financial fraud, and the...

IBM Kenexa LCMS Premier on Cloud Information Disclosure Vulnerability (CNVD-2017-01326)

IBM Kenexa LCMS Premier on Cloud is an adjustable Learning Content Management System LCMS for developing, maintaining, and delivering effective employee training from IBM USA. A security vulnerability exists in IBM Kenexa LCMS Premier on Cloud. An attacker could exploit the vulnerability by sendi...

Microsoft Bolsters Ransomware Protection in Windows 10

Microsoft says it hardened its ransomware defenses in Windows 10 Anniversary Update in the face of skyrocketing infection rates and a doubling in the number ransomware variants released into the wild over the past 12 months. In a whitepaper PDF released last week, Microsoft explained its latest...

Microsoft Unveils Cloud-Based Fuzz-Testing Service

Microsoft announced a cloud-based fuzz testing service called Project Springfield that identifies software bugs in applications that could turn into vulnerabilities. The service, announced at this week’s Microsoft 2016 Ignite technology conference in Atlanta, combines artificial intelligence and...

XenMobile Analyzer Tool

The new XenMobile Analyzer Tool is a cloud-based solution that allows XenMobile administrators to diagnose issues proactively and in real time. XenMobile Analyzer environmental checks can identify device issues, user enrollment issues, and authentication issues. Numerous use-cases and deployment...

IBM's Watson Supercomputer Tackles Security

IBM is leveraging the power of its Watson supercomputer to thwart viruses, ransomware and DDoS attacks. On Tuesday it unveiled an ambitious plan to feed Watson billions of data points from security sources daily so that Watson can spot anomalies as they happen and stop them dead in their tracks...

Want to Use Quantum Computer? IBM launches One for Free

In Brief What would you do if you get access to a Quantum Computer? IBM Scientists launches the world’s first cloud-based quantum computing technology, calling the IBM Quantum Experience, for anyone to use. It is an online simulator that lets anyone run algorithms and experiments on the company's...

Prezi Bug Bounty #5 - CS Cross Site & Redirect Vulnerability

Document Title: =============== Prezi Bug Bounty 5 - CS Cross Site & Redirect Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1724 Release Date: ============= 2016-02-19 Vulnerability Laboratory ID VL-ID: ===================================...

Prezi Bug Bounty #5 - CS Cross Site & Redirect Vulnerability

Document Title: =============== Prezi Bug Bounty 5 - CS Cross Site & Redirect Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1724 Release Date: ============= 2016-02-19 Vulnerability Laboratory ID VL-ID: ===================================...

Telegram (API) - Cross Site Request Forgery Vulnerabilities

Document Title: =============== Telegram API - Cross Site Request Forgery Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1648 Release Date: ============= 2016-01-17 Vulnerability Laboratory ID VL-ID: ====================================...

China APT Gang Targets Hong Kong Media via Dropbox

An APT gang linked to China and alleged to be responsible for targeted attacks against foreign governments and ministries, has now pointed its focus inward at China’s autonomous territory Hong Kong. An August attack against several media companies in Hong Kong was carried out shortly after a...

Polycom RealPresence CloudAXIS Suite Cross-Site Scripting Vulnerability

Polycom RealPresence CloudAXIS Suite is a cloud-based, cross-platform video collaboration solution from Polycom. The solution allows meeting schedules to be sent to contacts via email and calendar invitations. A cross-site scripting vulnerability exists in Polycom RealPresence CloudAXIS Suite 1.6...

Smart home vulnerabilities is how to be hackers-use-vulnerability warning-the black bar safety net

! Smart Home is today's favourites, however in people only focus on the home of intelligent and humane, hackers are will look to put in a smart home, everything can be exploitable. From the application vulnerability Data show that in a variety of home automation equipment and the help of sensors,...

Cisco Acquires OpenDNS for $635 Million

Cisco continues to spend on security, today announcing its intent to acquire San Francisco-based OpenDNS for $635 million. OpenDNS’ domain name system and cloud-based security services bring threat data collected from those platforms to Cisco’s security offerings. “To build on Cisco’s advanced...

Students Built Open Source Web-Based Threat Modeling Tool

Threat models help application developers answer some fundamental questions about potential risks and how to cut off vulnerabilities before they’re put into production. Some software development lifecycles, however, don’t include threat modeling as part of the code-building process because they’v...

Microsoft Shuts Down Patch Tuesday Advanced Notifications

Microsoft today pulled the plug on its Advanced Notification Service ANS, offering it going forward only to paying Premier customers. ANS preceded the release of Microsoft’s monthly Patch Tuesday security bulletins; on the Thursday prior, Microsoft would provide users via its security website a...

GQ File Manager 0.2.5 Sql Injection / Cross Site Scripting Vulnerabilities

GQ File Manager version 0.2.5 suffers from cross site scripting and remote SQL injection vulnerabilities. Exploit Title: GQ File Manager - Sql Injection - Cross Site Scripting Vulnerability's Date: 19/12/2014 Url Vendor: http://installatron.com/phpfilemanager Vendor Name: GQ File Manager Version:...

GQ File Manager 0.2.5 - Multiple Vulnerabilities

GQ File Manager 0.2.5 - Multiple Vulnerabilities -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: GQ File Manager - Sql Injection - Cross Site Scripting Vulnerability's Date: 19/12/2014 Url Vendor...

GQ File Manager 0.2.5 - Multiple Vulnerabilities

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: GQ File Manager - Sql Injection - Cross Site Scripting Vulnerability's Date: 19/12/2014 Url Vendor: http://installatron.com/phpfilemanager Vendor...