Microsoft has released a temporary emergency fix addressing a security flaw in its graphics component that affects Windows, Office and Lync and, if exploited, can lead to remote code execution. Microsoft revealed…
Tag: Vulnerability
D-Link acknowledges router backdoor, will patch it by end of the month
D-Link has acknowledged the presence of a backdoor in version 1.13 of its firmware and has announced that it will be releasing an update to fix the issue by end of the…
Researcher discovers stored XSS flaw in Gmail for iOS, gets $5,000 reward
A security researcher has found a cross-site scripting (XSS) flaw in the Gmail for iOS app that gets triggered without any user intervention. Roy Castillo, the researcher who found the flaw, notes…
D-Link router firmware contains hardcoded backdoor
Security researcher Craig Heffner has found a serious vulnerability in D-Link routers wherein the firmware code contains a hardcoded backdoor which will allow access to the administrative settings of the router simply…
Microsoft hands out $28k in first-ever bug bounty rewards
Microsoft paid out over $28,000 in rewards under its first-ever bug bounty program that went on for a month during the preview release of Internet Explorer 11 (IE11). The preview bug bounty…
Yahoo ups bug bounty ante from $12.50 to $15,000 after policy review
Yahoo has quickly revamped its vulnerability reporting and handling mechanism after it was ridiculed for handing out $12.50 per XSS vulnerability just a couple of days back. Explaining its stand and on…
Yahoo pays measly $12.50 for single XSS flaw under its reward program
Security researchers have revealed that Yahoo pays out a paltry $12.50 for each cross-site scripting (XSS) flaw that is discovered on one of its domains, no matter how dangerous they can be if…
Ruby on Rails 2.0 – 4.0 vulnerable to account hijacks
A security researcher has warned that all versions of Ruby on Rails from 2.0 through 4.0 suffer from a vulnerability that allows hackers to hijack user accounts through the use of session…