Apache Solr Bug Gets Bumped Up to High Severity

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter. Source: https://threatpost.com

November 20, 2019
Read More >>

High-Severity Windows UAC Flaw Enables Privilege Escalation

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter. Source: https://threatpost.com

November 20, 2019
Read More >>

XSS Flaw in Gmail’s Dynamic Email Feature Earns Researcher $5,000

A researcher has earned $5,000 from Google for an interesting cross-site scripting (XSS) vulnerability found in the dynamic email feature added a few months ago to Gmail. The dynamic email feature, also known as Accelerated Mobile Pages (AMP) for email or AMP4Email, enables the use of dynamic HTML content in emails, allowing users to conduct various tasks directly from within an email, such as responding to a Google Docs comment,…

November 20, 2019
Read More >>

Bigger Rewards, New Targets Announced for Mozilla Bug Bounty Program

Mozilla is celebrating the 15th anniversary of its Firefox web browser with significant updates to the organization’s bug bounty program, including new targets and bigger rewards. Mozilla announced on Tuesday that it’s doubling all payouts for vulnerabilities found in critical and core websites and services, and the maximum reward for remote code execution flaws affecting critical sites has been tripled to $15,000. Mozilla says the increased bounties have already been…

November 20, 2019
Read More >>

D-Link Adds More Buggy Router Models to ‘Won’t Fix’ List

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter. Source: https://threatpost.com

November 20, 2019
Read More >>

Vulnerabilities in Android Camera Apps Exposed Millions of Users to Spying

Vulnerabilities discovered by researchers in the Android camera apps provided by Google and Samsung could have been exploited by malicious actors to spy on hundreds of millions of users. Cybersecurity firm Checkmarx reported on Tuesday that its researchers have found a way to abuse Android camera applications to conduct a wide range of spying activities, including taking photos, recording videos, tracking a user’s location, and recording voice calls. The attack…

November 19, 2019
Read More >>