IBM: POST based Cross-Site Scripting on IBM research endpoint

The POST-based Cross-Site Scripting vulnerability on the IBM research endpoint was reported, analyzed, and remediated. The vulnerability was discovered by an external researcher...

Speculative Race Conditions (SRCs)

Bulletin ID: AMD-SB-7016 Potential Impact: Speculative Race Condition Severity: Varies by CVE, see descriptions below Summary Researchers from IBM Research Europe and Vrije Universiteit Amsterdam have published a paper titled “GhostRace: Exploiting and Mitigating Speculative Race Conditions.” AMD...

The Overlooked Security Threat of Sign-In Kiosks

New research from IBM shows that several visitor management systems had a rash of vulnerabilities...

research.ibm.com XSS vulnerability

Vulnerable URL: https://www.research.ibm.com/haifa/projects/systems/ple/rad/boss/4ListEditorcontroller.swf?csConfigFile=http://nsa.is.spying-on.us/hp.xml Details: Description| Value ---|--- Patched:| Yes, at 16.09.2016 Latest check for patch:| 16.09.2016 20:05 GMT Vulnerability type:| XSS...

The Dropbox SDK, there is a remote exploit, has been an emergency fix-bug warning-the black bar safety net

! The Dropbox developers recently fixed the Android version of the Dropbox SDK to store the application on a remote exploitation vulnerability, an attacker exploit the vulnerability without user consent directly to the app and the Dropbox account is connected. As long as the user installed...