CVE-2018-17766
Ingenico Telium 2 POS Telium2 OS allow bypass of file-reading restrictions via the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N...
Achieving Product Platform mindset
Imperva has decided to gradually shift to a company-wide Platform mindset in which, instead of having a set of separate products and features, there is a set of capabilities and building blocks upon which the products and features are built. Until now, special Platform teams have developed Platfo...
File Deletion Vulnerability in EmpireCMS of Dixing Software Development Co.
EmpireCMS is a content management system (CMS). EmpireCMS has a file deletion vulnerability that can be exploited by an attacker to delete arbitrary files...
Chinese Hackers Have Pillaged Taiwan's Semiconductor Industry
A campaign called Operation Skeleton Key has stolen source code, software development kits, chip designs, and more...
Gansu Xiusen Network Information Technology Co., Ltd. website building system has SQL injection vulnerabilities
Gansu Xiusen Network Information Technology Co., Ltd. (abbreviation: Xiusen Network), located in Anning District, Lanzhou, Gansu, is engaged in software development, website development and other high-tech work. Gansu Xiusen Network Information Technology Co., Ltd. website building system has...
North Korean Hackers Spotted Using New Multi-Platform Malware Framework
Lazarus Group, the notorious hacking group with ties to the North Korean regime, has unleashed a new multi-platform malware framework with an aim to infiltrate corporate entities around the world, steal customer databases, and distribute ransomware. Capable of targeting Windows, Linux, and macOS...
Lazarus Group Surfaces with Advanced Malware Framework
The North Korea-linked APT known as Lazarus Group has debuted an advanced, multipurpose malware framework, called MATA, to target Windows, Linux and macOS operating systems. Kaspersky researchers uncovered a series of attacks utilizing MATA so-called because the malware authors themselves call...
How AI and Voice Technology is Similar to a Service Dog
Can a more complex comparison be made? AI and voice assistance are similar to a seeing-eye dog. Throwing the duties of a service dog into the same court as technology is as outlandish as things get, even in the middle of an ever-shifting pandemic. But with retail software development services workin...
CVE-2020-9627
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...
CVE-2020-9628
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...
CVE-2020-9589
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2020-9626
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...
Heap overflow
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution...
Business Secure: How AI is Sneaking into our Restaurants
Prior to pandemic days, the restaurant industry talked of computers that might end up taking over their daily responsibilities. They’d joke about how a kiosk can communicate orders to the kitchen, much like they can. Well, now that we live in a global world that will be reluctant to dine with...
SQL Injection Vulnerability in Worklog Us***_Ro***.aspx file of Shanghai Tsuen Lu Software Development Studio.
Worklog system Worklog is a system that allows employees to record the content of their work, provide timely feedback to their superiors on difficulties encountered at work, and supervisors can assess the work of their employees and allow the system to generate KPI reports. Worklog UsRo.aspx file...
Moderate: Red Hat Security Advisory: rh-nodejs8-nodejs security update
An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Innovation Driven by Operational Experience and Engineering Insight Deters NXNS Attacks
DNS and security have had a long and tangled relationship. The DNS has always been an attractive target since it's a network leverage point. At DNS OARC 30 in Bangkok in 2019, Akamai's Ralf Weber did a presentation called DNS Security: Past, Present, and Future It's Not Easy covering numerous DNS...
A vulnerability in the Adobe DNG SDK for reading and writing DNG files involves a buffer overflow in dynamic memory, allowing an attacker to execute arbitrary code.
The vulnerability in the Adobe DNG SDK for reading and writing DNG files is related to a buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
How to Create a Culture of Kick-Ass DevSecOps Engineers
Much like technology itself, the tools, techniques, and optimum processes for developing code evolve quickly. We humans have an insatiable need for more software, more features, more functionality… and we want it faster than ever before, more qualitative, and on top of that: Secure. With an...