Blockchain Developer Gets Busted After Talk in North Korea

Hacker and Ethereum developer Virgil Griffith was recently arrested by US authorities for speaking at a conference on blockchain technologies...

Corsy - CORS Misconfiguration Scanner

Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations. Usage Using Corsy is pretty simple python corsy.py -u https://example.com A delay between consecutive requests can be specified with -d option. Note: This is a beta version, features such as JSON...

CVE-2019-13683

Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

DEBIAN-CVE-2019-13673

Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

DEBIAN-CVE-2019-13668

Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

UBUNTU-CVE-2019-13683

Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

UBUNTU-CVE-2019-13668

Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2019-13683

Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

UBUNTU-CVE-2019-13673

Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2019-13668

Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2019-13683

CVE-2019-13683 affects Google Chrome prior to 77.0.3865.75, where insufficient policy enforcement in developer tools could allow a crafted HTML page to leak cross-origin data. The vulnerability is a cross-origin data disclosure via the browser’s developer tools surface, with network-vector exposu...

Grammarly: Unauthenticated users can access all food.grammarly.io user's data

Summary: The food.grammarly.io site uses the Meteor framework, which uses publications and methods to communicate between the backend and frontend. Although the site seems to require being authenticated as a Grammarly employee to use it, most methods and publications work without being...

Google Will Award $1M-Plus to People Who Can Hack Titan M Security Chip

Google is willing to award up to $1.5 million to hackers who can successfully hack its Titan M security chip on the company’s Pixel devices as part of an expansion of its Android bug-bounty program unveiled this week. The company revealed increased payouts to its Android Security Rewards in a blo...

Visit Akamai at AWS re:Invent 2019

From December 2-6, the Las Vegas Strip will be jam-packed with tens of thousands of developers, engineers, admins, architects, and other technologists for AWS re:Invent, the annual learning conference hosted by Amazon Web Services for the global cloud computing community. Akamai is excited to be ...

KLA11607 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Visual Studio can be exploited remotely ...

[SECURITY] Fedora 29 Update: python35-3.5.8-2.fc29

Python 3.5 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.5, see other distributions that support it, such as CentOS or RHEL with Software...

October Release: Q&A with Ari Weil

Shortly after Akamai announced the October 2019 Release with new features and capabilities across its security, performance and media product lines, Akamai's VP of Product Marketing, Ari Weil, took over Akamai's Twitter account for a live October Release Q&A. For those that missed the live event,...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 & 8 and IBM® Runtime Environment Java™ Version 7 & 8 used by Rational Business Developer. Rational Business Developer has addressed the applicable CVEs. These issues were disclosed as part of the IBM Java S...

Android Security Bulletin—November 2019Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2019-11-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

Pixel Update Bulletin—November 2019Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2019-11-05 or later address all issues in this bulletin and all issues in the November 2019 Android...