Linux users are on a high risk due to a security flaw in a core library component that is used by almost all Linux distributions. This critical vulnerability allows remote attackers to execute arbitrary code due to a buffer overflow in the glibc (GNU C) library. Shell access to the Continue Reading

Fully secured BlackPhone is vulnerable to remote code execution vulnerability due to an error in the SilentText secure messaging application. The flaw is quite critical as it allows intruders to decrypt messages, read contact information, collect location data and even execute malicious code on the phone. Security researcher Mark Dowd Continue Reading

Google rolled out latest version of Chrome 40, addresses 62 security flaws. Chrome 40 is available on Windows, Mac and Linux platforms. According to advisory, most of the vulnerabilities are rated HIGH – SSL 3.0 has also been completely disabled to avoid any security issues arising from Heartbleed and POODLE Continue Reading

In January’s Critical Patch Update (CPU), Oracle released fixes for 169 security vulnerabilities covering various products. Oracle Database, Oracle Fusion Middleware components, Oracle Applications (eBusiness in particular), Oracle Sun Systems Products Suite, and Java SE get fixes for high severity security flaws. CVE-2014-6567 is the most severe one that targets Continue Reading

Microsoft’s first Patch Tuesday for 2015 contains eight security bulletins where ONE is rated as CRITICAL and rest are rated as IMPORTANT. The critical bulletin MS15-002 addresses a security flaw in the Windows Telnet Service that allows attacker to make unauthorized changes to a device. Although Telnet service is disabled Continue Reading