_medium.jpg)
Microsoft has published an advisory about a misconfiguration that led to its own, customer, and partner data being exposed. It has also called out security researchers for mishandling the disclosure.
Disclosure RSS
The U.S. Securities and Exchange Commission (SEC) has fined Nvidia for not telling investors that their rise in revenue in 2018 was due to cryptomining interest rather than its gaming business.
_medium.jpg)
Google's Project Zero team has published its findings for 0-day exploits in the year 2021. It detected the most 0-days in this year but some positive insights that can be drawn too.
Advertiser pages are coming soon to Google's ad experience. They will allow consumers to make informed decisions about purchases based on disclosures and ads run by an advertiser in the past 30 days.
The "high" severity security flaw in GitHub publicly disclosed by Google's Project Zero team earlier this month has finally been patched. The security team has validated the fix and closed it.
Google's Project Zero team has disclosed a "high" severity security flaw in GitHub following the latter's inability to provide a fix in the 104 days - which includes a grace period - allotted to it.
Google's Project Zero has exposed a "high severity" flaw in macOS' kernel XNU - which apparently has issues in its implementation of copy-on-write behavior - after Apple failed to fix it in 90 days.
New variants of Spectre have been discovered by Microsoft and Google, which allow attackers to read privileged data. While mitigations will be available soon, they will result in a performance hit.
Apple, Google, Microsoft, Facebook, and later, Yahoo, are making changes to their policies to try and step away from giving in to government requests for big data, which could be good and bad.
Neowin reported earlier today that, an annoyed Carbonite customer who wanted to write reviews in Amazon.com regarding his experiences with Carbonite, found out that the high level employees of carbonite gave positive product reviews disguised...
Marc Schoenefeld has reported a weakness in Opera, which can be exploited by malicious people to disclose some system information. Opera accesses the JRE (Java Runtime Environment) directly instead of using the Java plugin. The...
Georgi Guninski has reported that a two year old vulnerability has been reintroduced in Microsoft Internet Explorer and can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to...
A security issue has been identified in Microsoft® Windows® that could allow an attacker to see information in your computer's memory over a network. You can help protect your computer by installing this update from...
Most large corporations and government agencies have been attacked by computer hackers, but more often and more frequently they do not inform authorities of the breaches, an FBI survey finds. The survey released...
Proponents of an effort to standardize the handling of computer security vulnerabilities today aborted the effort after receiving critical comments from reviewers. In a message today to members of the Internet Engineering...
Thanks Jon for sending this one in. Taken from a post bugtraq by Tom Micklovitch (dated Feb 8th): Exploit: Register an account for MSN messenger, make some contact email addresses, leave...
