Pwn2Own Miami Contestants Haul in $180K for Hacking ICS Equipment

The very first Pwn2Own hacking competition that focuses exclusively on industrial control systems (ICS) has kicked off in Miami. So far, a total of $180,000 has been awarded for pwning five different products. The contest hosts at Trend Micro’s Zer…

Coverity & Black Duck together. Better. Faster. Stronger.

Smart organizations in the business of building software know they need a mix of application testing tools to help ensure the code they produce is high-quality and secure. Many have already taken the steps to secure the code their developers write with…

RedHat: RHSA-2020-0204:01 Important: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, …

SUSE: 2020:0204-1 important: the Linux Kernel (Live Patch 33 for SLE 12 SP1)

An update that fixes two vulnerabilities is now available. SUSE Security Update: Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP1). Announcement ID: SUSE-SU…

What is a buffer overflow? And how hackers exploit these vulnerabilities

Software that writes more data to a memory buffer than it can hold creates vulnerabilities that attackers can exploit. Good software development practices can stop buffer overflows from happening.

Buffer…

Notorious Crime Gang Targets Internet Routers Using Tomato Firmware (Slashdot)

An anonymous reader quotes a report from Ars Technica: Internet routers running the Tomato alternative firmware are under active attack by a self-propagating exploit that searches for devices using default credentials. When credentials are found, the e…

Vulnerability Spotlight: Bitdefender BOX 2 bootstrap remote code execution vulnerabilities

Claudio Bozzato, Lilith Wyatt and Dave McDaniel of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. The Bitdefender BOX 2 contains two remote code execution vulnerabilities in its bootstrap stage. The BOX 2 is a device that protects u…