all InfoSec news logo
all InfoSec news The InfoSec news aggregator platform
all InfoSec news

Topic: flaw

RSS
Dark Souls PvP servers taken down to investigate severe RCE flaw 4 hours ago | bleepingcomputer.com
dark down flaw gaming +4
WordPress plugin flaw puts users of 20,000 sites at phishing risk 4 days ago | bleepingcomputer.com
20 flaw phishing plugin +4
GitHub Actions flaw that allowed code to be approved without review is addressed with new … 4 days, 23 hours ago | portswigger.net
code flaw github new
GitHub Actions flaw that allowed code to be approved without review is addressed 4 days, 23 hours ago | portswigger.net
code flaw github
Mac users, update now! “Powerdir” flaw could allow attackers to spy on you 5 days, 1 hour ago | malwarebytes.com
apple attackers black hat usa 2021 csaba fitzl +13
s
Box flaw allowed to bypass MFA and takeover accounts 5 days, 3 hours ago | securityaffairs.co
authentication bypass box breaking news bypass +11
Mandatory Chinese Olympics App Has 'Devastating' Encryption Flaw: Analyst 5 days, 5 hours ago | securityweek.com
app application security chinese encryption +4
Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central 6 days, 6 hours ago | thehackernews.com
critical desktop central flaw manageengine +2
High-Severity flaw in 3 WordPress plugins impacts 84,000 websites 1 week ago | reddit.com
flaw infosecnews severity wordpress +1
s
High-Severity flaw in 3 WordPress plugins impacts 84,000 websites 1 week ago | securityaffairs.co
breaking news flaw hacking hacking news +10
White House hosts open-source software security summit in light of expansive Log4j flaw> 1 week, 3 days ago | linuxsecurity.com
flaw house linux linux security +9
Cisco fixes a critical flaw in Unified CCMP and Unified CCDM 1 week, 3 days ago | reddit.com
cisco critical flaw infosecnews +2
Iran-Based APT35 Group Exploits Log4J Flaw 1 week, 3 days ago | esecurityplanet.com
advanced persistent threats apt35 critical vulnerabilities exploits +6
s
Cisco fixes a critical flaw in Unified CCMP and Unified CCDM 1 week, 3 days ago | securityaffairs.co
breaking news cisco critical cybersecurity +12
White House hosts open-source software security summit in light of expansive Log4j flaw 1 week, 4 days ago | cyberscoop.com
akamai anne neuberger apache apple +32
Volunteer Dutch flaw finders bag $100k to forward national bug bounty goal 1 week, 4 days ago | theregister.com
bounty bug bug bounty flaw +2
s
KCodes NetUSB flaw impacts millions of SOHO routers 1 week, 4 days ago | securityaffairs.co
breaking news flaw hacking hacking news +12
Check If You Have to Worry About the Latest HTTP Protocol Stack Flaw 1 week, 4 days ago | darkreading.com
flaw http http protocol stack
Apple Patches iOS HomeKit Flaw After Researcher Warning 1 week, 4 days ago | securityweek.com
apple application security audits cloud security +19
s
Iran-linked APT35 group exploits Log4Shell flaw to deploy a new PowerShell backdoor 1 week, 5 days ago | securityaffairs.co
apt apt35 backdoor breaking news +15
Log4Shell-like Critical RCE Flaw Discovered in H2 Database Console 1 week, 5 days ago | thehackernews.com
critical database flaw h2 +3
‘Wormable’ Flaw Leads January 2022 Patch Tuesday 1 week, 5 days ago | reddit.com
2022 flaw infosecnews patch +3
k
‘Wormable’ Flaw Leads January 2022 Patch Tuesday 1 week, 5 days ago | krebsonsecurity.com
2022 cve-2021-22947 cve-2021-36976 cve-2022-21846 +18
‘Wormable’ Flaw Leads January 2022 Patch Tuesday 1 week, 5 days ago | securityboulevard.com
2022 cve-2021-22947 cve-2021-36976 cve-2022-21846 +20
Patch Tuesday: Microsoft Calls Attention to 'Wormable' Windows Flaw 1 week, 5 days ago | securityweek.com
application security cloud security compliance cyberwarfare +17
Remotely Exploitable NetUSB Flaw Puts Millions of Devices at Risk 1 week, 5 days ago | darkreading.com
devices flaw netusb risk
Suspected Chinese hackers use Log4j flaw to deploy Night Sky ransomware, Microsoft warns 1 week, 6 days ago | cyberscoop.com
aquatic panda china chinese chinese hackers +8
noPac Exploit: Latest Microsoft AD Flaw May Lead to Total Domain Compromise in Seconds 1 week, 6 days ago | crowdstrike.com
ad compromise domain exploit +5
No Significant Intrusions Related to Log4j Flaw Yet, CISA Says 1 week, 6 days ago | darkreading.com
cisa flaw log4j
Microsoft: macOS 'Powerdir' Flaw Could Enable Access to User Data 1 week, 6 days ago | darkreading.com
access data flaw macos +3

Privacy & Freedom in the Information Age

This equipment promises more security and anonymity on the Internet. What do you think? Is … an hour ago | reddit.com
anonymity internet on privacy +1
Superhero Secret Identities Aren't Possible with Today’s Computing Technologies an hour ago | reddit.com
computing privacy technologies
3 Social Media Accounts Wouldn't load for same 10 minutes: SOC IAL CRE DIT monitor? an hour ago | reddit.com
10 media monitor privacy +3

cybersecurity

CyberSecurity Architecture - DMZ zone and Proxy an hour ago | reddit.com
architecture cybersecurity proxy
Cobalt Strike, a Defender’s Guide – Part 2 2 hours ago | reddit.com
cobalt cobalt strike cybersecurity defender +1
HIBP - Security alert 5 hours ago | reddit.com
alert cybersecurity security

Security Boulevard

API Security, Ransomware Top 2022 Threats 2 hours ago | securityboulevard.com
2022 analytics & intelligence api api security +16
Predict 2022: Top Cybersecurity Threats for 2022 4 hours ago | securityboulevard.com
2022 alias forensics cybersecurity cybersecurity insights +14
How Businesses Can Put Privacy First 6 hours ago | securityboulevard.com
businesses ciso ciso suite data governance +5

Help Net Security

A 2022 priority: Automated mobile application security testing 9 hours ago | helpnetsecurity.com
2022 application application security application security testing +16
Fraud detection is great, but you also need prevention 9 hours ago | helpnetsecurity.com
account protection consumer cyberattack detection +9
COVID test related scam emails still highly popular among cybercriminals 10 hours ago | helpnetsecurity.com
barracuda networks coronavirus covid cyberattack +11

LinuxSecurity.com - Hybrid RSS

openSUSE: 2022:0019-1 important: chromium> 5 hours ago | linuxsecurity.com
2022 chromium linux linux security +3
openSUSE: 2022:0157-1 important: zxing-cpp> 6 hours ago | linuxsecurity.com
2022 linux linux security opensuse +2
SciLinux: SLSA-2022-0204-1 Moderate: java-11-openjdk on SL7.x x86_64> 6 hours ago | linuxsecurity.com
11 2022 java linux +4

BleepingComputer

SonicWall explains why firewalls were caught in reboot loops an hour ago | bleepingcomputer.com
firewalls reboot sonicwall technology +1
Malicious PowerPoint files used to push remote access trojans an hour ago | bleepingcomputer.com
access files malicious powerpoint +4
Dark Souls servers taken down to prevent hacks using critical bug 4 hours ago | bleepingcomputer.com
bug critical dark down +5

cs.CR updates on arXiv.org

An algebraic attack on stream ciphers with application to nonlinear filter generators and WG-PRNG. (arXiv:2112.12268v2 … 14 hours ago | arxiv.org
application attack ciphers on +2
VESPo: Verified Evaluation of Secret Polynomials. (arXiv:2110.02022v2 [cs.CR] UPDATED) 14 hours ago | arxiv.org
A Complete algorithm for local inversion of maps: Application to Cryptanalysis. (arXiv:2105.07332v2 [cs.CR] UPDATED) 14 hours ago | arxiv.org
application local

The Hacker News

ZTNAs Address Requirements VPNs Cannot. Here's Why. an hour ago | thehackernews.com
address requirements vpns why
Hackers Creating Fraudulent Crypto Tokens as Part of 'Rug Pull' Scams 5 hours ago | thehackernews.com
crypto hackers rug pull scams +1
Emotet Now Using Unconventional IP Address Formats to Evade Detection 9 hours ago | thehackernews.com
address detection emotet ip +2

SecurityWeek RSS Feed

Hacked AccessPress Site Served Backdoored WordPress Plugins, Themes an hour ago | securityweek.com
hacked news & industry site virus & malware +3
GDPR Fines Surged Sevenfold to $1.25 Billion in 2021: Study an hour ago | securityweek.com
2021 fines gdpr news & industry +2
Assange Wins First Stage in Effort to Appeal US Extradition 2 hours ago | securityweek.com
assange first news & industry tracking & law enforcement +2

Latest

Dark Souls PvP servers taken down to investigate severe RCE flaw 4 hours ago | bleepingcomputer.com
dark down flaw gaming +4
WordPress plugin flaw puts users of 20,000 sites at phishing risk 4 days ago | bleepingcomputer.com
20 flaw phishing plugin +4
GitHub Actions flaw that allowed code to be approved without review is addressed with new … 4 days, 23 hours ago | portswigger.net
code flaw github new
GitHub Actions flaw that allowed code to be approved without review is addressed 4 days, 23 hours ago | portswigger.net
code flaw github
Mac users, update now! “Powerdir” flaw could allow attackers to spy on you 5 days, 1 hour ago | malwarebytes.com
apple attackers black hat usa 2021 csaba fitzl +13
s
Box flaw allowed to bypass MFA and takeover accounts 5 days, 3 hours ago | securityaffairs.co
authentication bypass box breaking news bypass +11
Mandatory Chinese Olympics App Has 'Devastating' Encryption Flaw: Analyst 5 days, 5 hours ago | securityweek.com
app application security chinese encryption +4
Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central 6 days, 6 hours ago | thehackernews.com
critical desktop central flaw manageengine +2
High-Severity flaw in 3 WordPress plugins impacts 84,000 websites 1 week ago | reddit.com
flaw infosecnews severity wordpress +1
s
High-Severity flaw in 3 WordPress plugins impacts 84,000 websites 1 week ago | securityaffairs.co
breaking news flaw hacking hacking news +10
White House hosts open-source software security summit in light of expansive Log4j flaw> 1 week, 3 days ago | linuxsecurity.com
flaw house linux linux security +9
Cisco fixes a critical flaw in Unified CCMP and Unified CCDM 1 week, 3 days ago | reddit.com
cisco critical flaw infosecnews +2
Iran-Based APT35 Group Exploits Log4J Flaw 1 week, 3 days ago | esecurityplanet.com
advanced persistent threats apt35 critical vulnerabilities exploits +6
s
Cisco fixes a critical flaw in Unified CCMP and Unified CCDM 1 week, 3 days ago | securityaffairs.co
breaking news cisco critical cybersecurity +12
White House hosts open-source software security summit in light of expansive Log4j flaw 1 week, 4 days ago | cyberscoop.com
akamai anne neuberger apache apple +32
Volunteer Dutch flaw finders bag $100k to forward national bug bounty goal 1 week, 4 days ago | theregister.com
bounty bug bug bounty flaw +2
s
KCodes NetUSB flaw impacts millions of SOHO routers 1 week, 4 days ago | securityaffairs.co
breaking news flaw hacking hacking news +12
Check If You Have to Worry About the Latest HTTP Protocol Stack Flaw 1 week, 4 days ago | darkreading.com
flaw http http protocol stack
Apple Patches iOS HomeKit Flaw After Researcher Warning 1 week, 4 days ago | securityweek.com
apple application security audits cloud security +19
s
Iran-linked APT35 group exploits Log4Shell flaw to deploy a new PowerShell backdoor 1 week, 5 days ago | securityaffairs.co
apt apt35 backdoor breaking news +15
Log4Shell-like Critical RCE Flaw Discovered in H2 Database Console 1 week, 5 days ago | thehackernews.com
critical database flaw h2 +3
‘Wormable’ Flaw Leads January 2022 Patch Tuesday 1 week, 5 days ago | reddit.com
2022 flaw infosecnews patch +3
k
‘Wormable’ Flaw Leads January 2022 Patch Tuesday 1 week, 5 days ago | krebsonsecurity.com
2022 cve-2021-22947 cve-2021-36976 cve-2022-21846 +18
‘Wormable’ Flaw Leads January 2022 Patch Tuesday 1 week, 5 days ago | securityboulevard.com
2022 cve-2021-22947 cve-2021-36976 cve-2022-21846 +20
Patch Tuesday: Microsoft Calls Attention to 'Wormable' Windows Flaw 1 week, 5 days ago | securityweek.com
application security cloud security compliance cyberwarfare +17
Remotely Exploitable NetUSB Flaw Puts Millions of Devices at Risk 1 week, 5 days ago | darkreading.com
devices flaw netusb risk
Suspected Chinese hackers use Log4j flaw to deploy Night Sky ransomware, Microsoft warns 1 week, 6 days ago | cyberscoop.com
aquatic panda china chinese chinese hackers +8
noPac Exploit: Latest Microsoft AD Flaw May Lead to Total Domain Compromise in Seconds 1 week, 6 days ago | crowdstrike.com
ad compromise domain exploit +5
No Significant Intrusions Related to Log4j Flaw Yet, CISA Says 1 week, 6 days ago | darkreading.com
cisa flaw log4j
Microsoft: macOS 'Powerdir' Flaw Could Enable Access to User Data 1 week, 6 days ago | darkreading.com
access data flaw macos +3

Top (last 7 days)

s
Box flaw allowed to bypass MFA and takeover accounts 5 days, 3 hours ago | securityaffairs.co
authentication bypass box breaking news bypass +11
Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central 6 days, 6 hours ago | thehackernews.com
critical desktop central flaw manageengine +2
GitHub Actions flaw that allowed code to be approved without review is addressed 4 days, 23 hours ago | portswigger.net
code flaw github
GitHub Actions flaw that allowed code to be approved without review is addressed with new … 4 days, 23 hours ago | portswigger.net
code flaw github new
WordPress plugin flaw puts users of 20,000 sites at phishing risk 4 days ago | bleepingcomputer.com
20 flaw phishing plugin +4
Dark Souls PvP servers taken down to investigate severe RCE flaw 4 hours ago | bleepingcomputer.com
dark down flaw gaming +4
Mandatory Chinese Olympics App Has 'Devastating' Encryption Flaw: Analyst 5 days, 5 hours ago | securityweek.com
app application security chinese encryption +4
Mac users, update now! “Powerdir” flaw could allow attackers to spy on you 5 days, 1 hour ago | malwarebytes.com
apple attackers black hat usa 2021 csaba fitzl +13

Top sources (last 7 days)

Privacy & Freedom in the Information Age

This equipment promises more security and anonymity on the Internet. What do you think? Is … an hour ago | reddit.com
anonymity internet on privacy +1
Superhero Secret Identities Aren't Possible with Today’s Computing Technologies an hour ago | reddit.com
computing privacy technologies
3 Social Media Accounts Wouldn't load for same 10 minutes: SOC IAL CRE DIT monitor? an hour ago | reddit.com
10 media monitor privacy +3

cybersecurity

CyberSecurity Architecture - DMZ zone and Proxy an hour ago | reddit.com
architecture cybersecurity proxy
Cobalt Strike, a Defender’s Guide – Part 2 2 hours ago | reddit.com
cobalt cobalt strike cybersecurity defender +1
HIBP - Security alert 5 hours ago | reddit.com
alert cybersecurity security

Security Boulevard

API Security, Ransomware Top 2022 Threats 2 hours ago | securityboulevard.com
2022 analytics & intelligence api api security +16
Predict 2022: Top Cybersecurity Threats for 2022 4 hours ago | securityboulevard.com
2022 alias forensics cybersecurity cybersecurity insights +14
How Businesses Can Put Privacy First 6 hours ago | securityboulevard.com
businesses ciso ciso suite data governance +5

Help Net Security

A 2022 priority: Automated mobile application security testing 9 hours ago | helpnetsecurity.com
2022 application application security application security testing +16
Fraud detection is great, but you also need prevention 9 hours ago | helpnetsecurity.com
account protection consumer cyberattack detection +9
COVID test related scam emails still highly popular among cybercriminals 10 hours ago | helpnetsecurity.com
barracuda networks coronavirus covid cyberattack +11

LinuxSecurity.com - Hybrid RSS

openSUSE: 2022:0019-1 important: chromium> 5 hours ago | linuxsecurity.com
2022 chromium linux linux security +3
openSUSE: 2022:0157-1 important: zxing-cpp> 6 hours ago | linuxsecurity.com
2022 linux linux security opensuse +2
SciLinux: SLSA-2022-0204-1 Moderate: java-11-openjdk on SL7.x x86_64> 6 hours ago | linuxsecurity.com
11 2022 java linux +4

BleepingComputer

SonicWall explains why firewalls were caught in reboot loops an hour ago | bleepingcomputer.com
firewalls reboot sonicwall technology +1
Malicious PowerPoint files used to push remote access trojans an hour ago | bleepingcomputer.com
access files malicious powerpoint +4
Dark Souls servers taken down to prevent hacks using critical bug 4 hours ago | bleepingcomputer.com
bug critical dark down +5

cs.CR updates on arXiv.org

An algebraic attack on stream ciphers with application to nonlinear filter generators and WG-PRNG. (arXiv:2112.12268v2 … 14 hours ago | arxiv.org
application attack ciphers on +2
VESPo: Verified Evaluation of Secret Polynomials. (arXiv:2110.02022v2 [cs.CR] UPDATED) 14 hours ago | arxiv.org
A Complete algorithm for local inversion of maps: Application to Cryptanalysis. (arXiv:2105.07332v2 [cs.CR] UPDATED) 14 hours ago | arxiv.org
application local

The Hacker News

ZTNAs Address Requirements VPNs Cannot. Here's Why. an hour ago | thehackernews.com
address requirements vpns why
Hackers Creating Fraudulent Crypto Tokens as Part of 'Rug Pull' Scams 5 hours ago | thehackernews.com
crypto hackers rug pull scams +1
Emotet Now Using Unconventional IP Address Formats to Evade Detection 9 hours ago | thehackernews.com
address detection emotet ip +2

SecurityWeek RSS Feed

Hacked AccessPress Site Served Backdoored WordPress Plugins, Themes an hour ago | securityweek.com
hacked news & industry site virus & malware +3
GDPR Fines Surged Sevenfold to $1.25 Billion in 2021: Study an hour ago | securityweek.com
2021 fines gdpr news & industry +2
Assange Wins First Stage in Effort to Appeal US Extradition 2 hours ago | securityweek.com
assange first news & industry tracking & law enforcement +2

Latest InfoSec Jobs

Data Security Analyst Intermediate/Associate

@ University of Michigan - ITS | Ann Arbor, MI
View on infosec-jobs.com

Data Security Analyst Intermediate/Associate

@ University of Michigan - ITS | Ann Arbor, MI
View on infosec-jobs.com

Information Security Engineer

@ Arnold & Porter | Washington, DC
View on infosec-jobs.com

IT Policy, Governance, and Compliance Analyst

@ University of Michigan - ITS | Ann Arbor, MI
View on infosec-jobs.com

Director, Security and Trust - Remote

@ Elemy | United States
View on infosec-jobs.com

Senior Program Manager (Security)

@ Elemy | United States
View on infosec-jobs.com