Post Thumbnail

Typically, coders and researchers who discover security vulnerabilities in software will tell the companies involved before posting their findings -- it's a courtesy to make sure that those holes are patched before attackers can use them. Don't tell that to developer Luca Todesco, though. He recen...

August 17th 2015 at 5:05pm 0 Comments
Post Thumbnail

The Stagefright vulnerability for Android won't seem to want to go away. According to Exodus Intelligence researchers one of the patched issued by Google could still allow access to Android devices. The researchers told Engadget via email, "the summary is that the Stagefright vulnerability is stil...

August 13th 2015 at 2:52pm 0 Comments
Post Thumbnail

Yesterday, someone noticed that an ad from a Russian news site was exploiting a serious vulnerability in the Firefox browser. According to a Mozilla security post, the attacker was able to bypass the browser's "origin policy" (its front line of security), inject a malicious javascript script and d...

August 7th 2015 at 6:31am 0 Comments
Post Thumbnail

Got Stagefright? Not the fear of an audience, but an Android vulnerability that could hijack your smartphone via a garden-variety MMS. The company that discovered the flaw, Zimperium, has now released a tool, the Stagefright Detector App, to at least let you know if you're patched against it. Goog...

August 7th 2015 at 5:11am 0 Comments
Post Thumbnail

Android has more than one video-related security hole on its hands at the moment. Trend Micro has found a flaw that uses a malformed Matroska (MKV) video in apps or websites to crash Android's "mediaserver" service, effectively turning the target device into a paperweight. It'll not only render yo...

July 29th 2015 at 7:41pm 0 Comments
Post Thumbnail

Successful hack attacks often happen not because of tricky coding, but plain old "social engineering" -- ie, conning people. A Github researcher called "jansoucek" has discovered an iOS exploit that works on that principal to steal people's iCloud passwords. The latest version of iOS, 8.3, apparen...

June 11th 2015 at 4:27am 0 Comments
Post Thumbnail

There's a new vulnerability that could let evildoers control your Mac, even after you format the system drive. Discovered by OS X security expert Pedro Vilaca, the exploit targets older machines after they wake up from sleep mode. The problem is that security normally protecting the firmware isn't...

June 2nd 2015 at 3:48pm 0 Comments
Post Thumbnail

Researchers have discovered a new browser and website encryption vulnerability called Logjam, and there's good news and bad news. On the plus side, the vulnerability has largely been patched thanks to consultation with tech companies like Google, and updates are available now or coming soon for Ch...

May 20th 2015 at 9:45am 0 Comments
Post Thumbnail

In case you were napping, Heartbleed struck web servers' OpenSSL security last year, opening up the servers' memory to intruders. There's a new so-called zero-day vulnerability, only this time the researchers who discovered it say it's much worse, impacting millions of datacenter machines. The fla...

May 13th 2015 at 3:12pm 0 Comments
Post Thumbnail

It can't have escaped your attention that security experts have declared open season on Apple products over the last few weeks. At San Francisco's RSA conference, an even more terrifying exploit has been revealed that has the power to send your iPhone or iPad into a perpetual restart loop. Mobile...

April 22nd 2015 at 11:26am 0 Comments
Post Thumbnail

While the FREAK security vulnerability is mainly associated with Apple's Safari and Android's stock browsers, it apparently affects Windows PC too. Thankfully, Microsoft has issued an update that will patch up the vulnerability in its SSL/TSL implementation called Schannel. As we've mentioned in t...

March 11th 2015 at 1:50am 0 Comments
Post Thumbnail

In addition to launching new MacBooks and revealing its smartwatches' release date, Apple has also issued software updates to protect its devices from the FREAK bug. If you recall, the security flaw allows hackers to force weaker encryption on Safari (and Android browser) users visiting certain we...

March 10th 2015 at 6:26am 0 Comments