News Clipping


CISCO addresses DoS bugs in CISCO ESA products [securityaffairs]

Cisco addressed two DoS vulnerabilities in CISCO ESA products that can be exploited by remote unauthenticated attacker. Cisco fixed two denial-of-service (DoS) flaws in Email Security Appliance (ESA) products that can be exploited by a remote unauthenticated attacker. The first flaw tracked as CVE-2018-15453  has been rated as “critical,” it is a memory corruption...

Read more


OWASP Secure Coding Practices Checklist [informationsecuritycontrol]

Input Validation 1. Conduct all data validation on a trusted system (e.g., The server) 2. Identify all data sources and classify them into trusted and untrusted. Validate all data from untrusted sources (e.g., Databases, file streams, etc.) 3. There should be a centralized input validation routine for the application 4. Specify proper character sets, such as UTF-8,...

Read more


WordPress-Related Vulnerabilities Tripled in 2018 [bleepingcomputer]

WordPress-related vulnerabilities have seen a 300% increase in 2018 compared to the previous year, a recent study has found. Most of the bugs were in the plugins that extend the functionality of WordPress websites. Powering about 30% of all websites on the internet, WordPress is the most popular content management...

Read more


NASA Warns Employees of Personal Information Breach [thehackernews]

Another day, another data breach. This time it’s the United States National Aeronautics and Space Administration (NASA) NASA today confirmed a data breach that may have compromised personal information of some of its current and former employees after at least one of the agency’s servers was hacked. In an internal memo sent...

Read more


The Clickjacking Bug that Facebook Won’t Fix [bleepingcomputer]

A security professional exposed to a spam campaign on Facebook discovered the method used by the perpetrator and submitted a report through the company’s bug bounty program. The issue still exists because Faceboook dismissed it on on the grounds that it does not change the state of the account. Proof-of-concept...

Read more


Page 1 of 4712345...102030...Last »