Post Thumbnail

Android has more than one video-related security hole on its hands at the moment. Trend Micro has found a flaw that uses a malformed Matroska (MKV) video in apps or websites to crash Android's "mediaserver" service, effectively turning the target device into a paperweight. It'll not only render yo...

July 29th 2015 at 7:41pm 0 Comments
Post Thumbnail

Successful hack attacks often happen not because of tricky coding, but plain old "social engineering" -- ie, conning people. A Github researcher called "jansoucek" has discovered an iOS exploit that works on that principal to steal people's iCloud passwords. The latest version of iOS, 8.3, apparen...

June 11th 2015 at 4:27am 0 Comments
Post Thumbnail

There's a new vulnerability that could let evildoers control your Mac, even after you format the system drive. Discovered by OS X security expert Pedro Vilaca, the exploit targets older machines after they wake up from sleep mode. The problem is that security normally protecting the firmware isn't...

June 2nd 2015 at 3:48pm 0 Comments
Post Thumbnail

Researchers have discovered a new browser and website encryption vulnerability called Logjam, and there's good news and bad news. On the plus side, the vulnerability has largely been patched thanks to consultation with tech companies like Google, and updates are available now or coming soon for Ch...

May 20th 2015 at 9:45am 0 Comments
Post Thumbnail

In case you were napping, Heartbleed struck web servers' OpenSSL security last year, opening up the servers' memory to intruders. There's a new so-called zero-day vulnerability, only this time the researchers who discovered it say it's much worse, impacting millions of datacenter machines. The fla...

May 13th 2015 at 3:12pm 0 Comments
Post Thumbnail

It can't have escaped your attention that security experts have declared open season on Apple products over the last few weeks. At San Francisco's RSA conference, an even more terrifying exploit has been revealed that has the power to send your iPhone or iPad into a perpetual restart loop. Mobile...

April 22nd 2015 at 11:26am 0 Comments
Post Thumbnail

While the FREAK security vulnerability is mainly associated with Apple's Safari and Android's stock browsers, it apparently affects Windows PC too. Thankfully, Microsoft has issued an update that will patch up the vulnerability in its SSL/TSL implementation called Schannel. As we've mentioned in t...

March 11th 2015 at 1:50am 0 Comments
Post Thumbnail

In addition to launching new MacBooks and revealing its smartwatches' release date, Apple has also issued software updates to protect its devices from the FREAK bug. If you recall, the security flaw allows hackers to force weaker encryption on Safari (and Android browser) users visiting certain we...

March 10th 2015 at 6:26am 0 Comments
Post Thumbnail

A team of cryptographers have discovered that a security flaw from way back in the '90s still leaves users today vulnerable to cyberattacks. They've dubbed it "Factoring attack on RSA-EXPORT Key" or FREAK, and it renders everyone who uses Safari on Mac and iOS devices or Android's stock browser su...

March 4th 2015 at 6:11am 0 Comments
Post Thumbnail

Google's Project Zero is supposed to goad companies into patching software security flaws before they pose a threat, but that's not exactly how the effort has panned out. As Apple and Microsoft will tell you, the strict 90-day disclosure deadline sometimes leaves developers scrambling to finish pa...

February 15th 2015 at 4:59pm 0 Comments
Post Thumbnail

Microsoft isn't the only big tech firm grappling with surprise security flaw disclosures these days. Google's Project Zero security unit revealed at least two unpatched vulnerabilities in OS X (Yosemite appears to have mitigated a third) that theoretically help attackers take control of your Mac....

January 23rd 2015 at 3:33pm 0 Comments
Post Thumbnail

Over the years we've seen our fair share of security breaches and loopholes, but rarely do they take the companies involved almost 17 months to patch them up. Moonpig, the online mail order greeting card service, is guilty of this particular faux-pas after an external developer noticed a severe vu...

January 6th 2015 at 5:12am 0 Comments