- Uber Reveals 2016 Breach of 57 Million User Accounts
Uber CEO said a 2016 data breach that exposed 57 million Uber user accounts and a subsequent payment of $100,000 to a hacker to delete data and keep it a secret is inexcusable.
- Intel Patches CPU Bugs Impacting Millions of PCs, Servers
Intel released eight patches for vulnerabilities in remote management software and firmware that could allow local adversaries to elevate privileges, run arbitrary code, crash systems and eavesdrop on …
- US-CERT Warns of ASLR Implementation Flaw In Windows
US-CERT is warning of a vulnerability in Microsoft’s implementation of Address Space Layout Randomization that affects Windows 8, Windows 8.1 and Windows 10.
- CENTCOM Says Massive Data Cache Found on Leaky Server is Benign
Pentagon contractor left 1.8 billion mostly benign publicly accessible social-media posts scraped from the internet on a publicly accessible Amazon storage bucket.
- The First Threatpost Alumni Podcast
With Mike Mimoso leaving Threatpost, it was high time to get many of the people responsible for the site's success throughout the years together for a podcast. Founding editors Ryan Naraine and D …
- Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks
Hackers using a specially crafted XLS files can trigger several remote code execution vulnerabilities in the LibXL library.
- Amazon Promises Fix to Stop Key Service Hack
Amazon said it will offer a fix for its Amazon Key delivery service that allows hackers to tamper with a home security camera.
- Oracle Issues Emergency Patches for ‘JoltandBleed’ Vulnerabilities
Oracle pushed out an emergency update for vulnerabilities dubbed 'JoltandBleed' affecting five of its products that rely on its proprietary Jolt protocol.
- White House Releases VEP Disclosure Rules
The White House released a charter document on Wednesday outlining how the U.S. government will disclose cyber security flaws and when it will keep them secret.
- Cisco Warns of Critical Flaw in Voice OS-based Products
Cisco Systems issued patch that fixes a critical vulnerability impacting 12 products running the Cisco Voice Operating System software.