threatpost (12)

HP to Patch Bug Impacting 50 Enterprise Printer Models

HP said dozens of enterprise-class printer models will receive a patch for an arbitrary code execution vulnerability sometime this week.

Uber Reveals 2016 Breach of 57 Million User Accounts

Uber CEO said a 2016 data breach that exposed 57 million Uber user accounts and a subsequent payment of $100,000 to a hacker to delete data and keep it a secret is inexcusable.

Intel Patches CPU Bugs Impacting Millions of PCs, Servers

Intel released eight patches for vulnerabilities in remote management software and firmware that could allow local adversaries to elevate privileges, run arbitrary code, crash systems and eavesdrop on communications.

US-CERT Warns of ASLR Implementation Flaw In Windows

US-CERT is warning of a vulnerability in Microsoft's implementation of Address Space Layout Randomization that affects Windows 8, Windows 8.1 and Windows 10.

CENTCOM Says Massive Data Cache Found on Leaky Server is Benign

Pentagon contractor left 1.8 billion mostly benign publicly accessible social-media posts scraped from the internet on a publicly accessible Amazon storage bucket.

The First Threatpost Alumni Podcast

With Mike Mimoso leaving Threatpost, it was high time to get many of the people responsible for the site's success throughout the years together for a podcast. Founding editors Ryan Naraine and Dennis Fisher along with Mike, Chris Brook, Brian Donohue and Christen Gentile are aboard for a memorable ...

Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks

Hackers using a specially crafted XLS files can trigger several remote code execution vulnerabilities in the LibXL library.

Amazon Promises Fix to Stop Key Service Hack

Amazon said it will offer a fix for its Amazon Key delivery service that allows hackers to tamper with a home security camera.

Oracle Issues Emergency Patches for 'JoltandBleed' Vulnerabilities

Oracle pushed out an emergency update for vulnerabilities dubbed 'JoltandBleed' affecting five of its products that rely on its proprietary Jolt protocol.

White House Releases VEP Disclosure Rules

The White House released a charter document on Wednesday outlining how the U.S. government will disclose cyber security flaws and when it will keep them secret.

Cisco Warns of Critical Flaw in Voice OS-based Products

Cisco Systems issued patch that fixes a critical vulnerability impacting 12 products running the Cisco Voice Operating System software.

Microsoft Patches 17-Year-Old Office Bug

Researchers warn of a Microsoft remote code execution bug that has persisted for 17 years in Office, leaving the OS unprotected until the vulnerability was patched Tuesday.