Security Alerts & News
by Tymoteusz A. Góral

History
#1013 Severe Swagger vulnerability compromises NodeJS, PHP, Java
Researchers have discovered a vulnerability within the Swagger specification which may place tools based on NodeJS, PHP, Ruby, and Java at risk of exploit.

According to Rapid7, the vulnerability has been found in injectable code payloads through the Swagger Code Generator for NodeJS, PHP, Ruby, and Java. If exploited, attackers can remotely execute code in a client or server to interact with definition of service systems, a concept the team says could be an "interesting space for future research."

Other similar programming languages in the tool are possibly affected.
Read more
#1018 How to spot Ingenico self-checkout skimmers
#1017 Malware can use fan noise to steal data from air-gapped systems
#1016 Chrome bug makes it easy to download movies from Netflix and Amazon Prime
#1015 Selfrando technique mitigates attacks unmasking Tor users
#1014 Popular anime site (Jkanime) infected, redirecting to exploit kit, ransomware
#1013 Severe Swagger vulnerability compromises NodeJS, PHP, Java
#1012 Malvertising and ransomware: the Bonnie and Clyde of advanced threat (PDF)
#1011 Has the Lizard Squad returned to ruin your day again?
#1010 GozNym: Living in America
#1009 Internet trolls hack popular YouTube channel WatchMojo
#1008 HTML5 ads aren't that safe compared to Flash, experts say
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12