Tag: vulnerabilities

IP Phone Home

Exploitable Flaw in NPM Private IP App Lurks Everywhere, Anywhere

A serious security flaw in a commonly used npm security module, private-ip, may affect hundreds of thousands of private and public applications.

TCL Android TV

TV Maker TCL Denies Back Door, Promises Better Process

Chinese electronics giant TCL has acknowledged security holes in some models of its smart television sets, but denies that it maintains a secret “back door” that gives it control over deployed TVs.

Vulnerability Warning

Episode 190: 20 Years, 300 CVEs. Also: COVID’s Lasting Security Lessons

In this episode of the podcast (#190), sponsored by LastPass, Larry Cashdollar of Akamai joins us to talk about how finding his first CVE vulnerability, more than 20 years ago, nearly got him fired. Also: Katie Petrillo of LastPass joins us to talk about how some of the security adjustments we’ve made for COVID might not go away any time soon.

Developer in darkened room

Podcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan Hunt

The pandemic isn’t the only thing shaking up development organizations. Application security is a top concern and security work is “shifting left” and becoming more intertwined with development. In this podcast, Security Ledger Editor in Chief Paul Roberts talks about it with Jonathan Hunt, Vice President of Security at the firm GitLab.

adobe cybersecurity concept

“Boothole” Bootloader Flaw Breaks Security on Most Linux, Windows Devices

A newly discovered vulnerability dubbed ‘Boothole’ compromises the foundation of device security for “virtually all Linux distributions” and some Microsoft’s Windows devices that employ “Secure Boot” feature, according to a new report.