news

Just over a year and a half after the release of the Meltdown and Specter vulnerabilities, which enabled novel side channel attacks on a variety of processors from Intel and other vendors, new, related approaches have been discovered once again. The cleanup after the first discoveries still take. The research…

Ad Inserter, a plugin for managing and optimally placing ads on WordPress web pages, has until recently had a vulnerability that would allow authenticated attackers to remotely execute arbitrary code. The developer team of the security plugin WordFence has discovered the vulnerability and released a security notice. Accordingly, it affects…

Since the release of Firefox 65 in late January, many users on Windows systems have had connectivity issues resulting from conflicts between the Web browser and third-party antivirus software. The new Firefox version 68, whose release is scheduled for next Tuesday, July 9, 2019, is designed to address these issues.…

In the Chrome version of the popular Evernote Web Clipper browser extension for easy online content storage, a bug in the code of all versions up to and including 7.11.1 allowed cross-site scripting (XSS) attacks to be performed across domains collect confidential user information. The research team of the security…

We wish you a nice Pentecostdays.

The mail client Thunderbird is vulnerable. In the now available edition 60.7 the developers have closed several security holes. Overall, Mozilla has rated the attack risk as “high”. Since scripting is disabled by default, the gaps should not be exploited by just opening and reading emails. Rather, the context similar…