Quantcast
Channel: PC World - Rapid7 RSS feed
Browsing latest articles
Browse All 38 View Live
↧

Fingerprint sensor in iPhone 5S is no silver bullet, researchers say

The fingerprint sensor in Apple's new iPhone 5S has the potential to enhance the security of the device, but the devil will be in the details.

View Article


Public release of IE exploit could spark widespread attacks

An exploit for a vulnerability that affects all versions of Internet Explorer and has yet to be patched by Microsoft has been integrated into the open-source Metasploit penetration testing tool, a move...

View Article


Open-source software projects need to improve vulnerability handling...

Many open-source software developers need to improve the way in which they handle vulnerability reports, according to researchers from security firm Rapid7, who recently found and reported...

View Article

Spike in traffic with TCP source port zero has some researchers worried

A significant increase this weekend in TCP traffic with source port zero detected could be part of reconnaissance efforts in preparation for more serious attacks, according to security researchers from...

View Article

Despite patches, Supermicro's IPMI firmware is far from secure, researchers say

The Intelligent Platform Management Interface (IPMI) implementation found in motherboards from server manufacturer Supermicro suffers from serious vulnerabilities that could allow attackers to remotely...

View Article


Proprietary firmware poses a security threat, Ubuntu founder says

Mark Shuttleworth, the founder of the popular Ubuntu Linux distribution, believes proprietary firmware and unverifiable firmware code poses a serious security threat to users and encourages hardware...

View Article

Many servers expose insecure out-of-band management interfaces to the Internet

Many servers expose insecure management interfaces to the Internet through microcontrollers embedded into the motherboard that run independently of the main OS and provide monitoring and administration...

View Article

Hacker coalition sets out to improve critical device security, challenges car...

A collective of security researchers issued a letter Friday from the DefCon hacker conference in Las Vegas urging the automotive industry to adopt five principles for building safer computer systems in...

View Article


Vulnerabilities found in more command-line tools, wget and tnftp get patches

The critical Shellshock vulnerabilities found last month in the Bash Unix shell have motivated security researchers to search for similar flaws in old, but widely used, command-line utilities.

View Article


OpenSSL patches eight new vulnerabilities

Server administrators are advised to upgrade OpenSSL again to fix eight new vulnerabilities, two of which can lead to denial-of-service (DoS) attacks.

View Article

Thousands of U.S. gas stations exposed to Internet attacks

Over 5,000 devices used by gas stations in the U.S. to monitor their fuel tank levels can be manipulated from the Internet by malicious attackers.

View Article

OpenSSL fixes serious denial-of-service bug, 11 other flaws

The mystery high-severity flaw that people were expected to be fixed in OpenSSL is no Heartbleed, but it is serious and users should update.

View Article

Critical VM escape vulnerability impacts business systems, data centers

A critical vulnerability in code used by several virtualization platforms can put business information stored in data centers at risk of compromise.

View Article


Android stock browser vulnerable to URL spoofing

A vulnerability in Android's default Web browser lets attackers spoof the URL shown in the address bar, allowing for more credible phishing attacks.

View Article

OpenSSL fixes serious flaw that could enable man-in-the-middle attacks

A flaw in the widely used OpenSSL library could allow man-in-the-middle attackers to impersonate HTTPS servers and snoop on encrypted traffic. Most browsers are not affected, but other applications and...

View Article

Browsing latest articles
Browse All 38 View Live