Post Thumbnail

Researchers have discovered a new browser and website encryption vulnerability called Logjam, and there's good news and bad news. On the plus side, the vulnerability has largely been patched thanks to consultation with tech companies like Google, and updates are available now or coming soon for Ch...

8 days ago 0 Comments
May 20, 2015 at 9:45AM
Post Thumbnail

In case you were napping, Heartbleed struck web servers' OpenSSL security last year, opening up the servers' memory to intruders. There's a new so-called zero-day vulnerability, only this time the researchers who discovered it say it's much worse, impacting millions of datacenter machines. The fla...

15 days ago 0 Comments
Post Thumbnail

It can't have escaped your attention that security experts have declared open season on Apple products over the last few weeks. At San Francisco's RSA conference, an even more terrifying exploit has been revealed that has the power to send your iPhone or iPad into a perpetual restart loop. Mobile ...

1 month ago 0 Comments
Post Thumbnail

While the FREAK security vulnerability is mainly associated with Apple's Safari and Android's stock browsers, it apparently affects Windows PC too. Thankfully, Microsoft has issued an update that will patch up the vulnerability in its SSL/TSL implementation called Schannel. As we've mentioned in t...

2 months ago 0 Comments
Post Thumbnail

In addition to launching new MacBooks and revealing its smartwatches' release date, Apple has also issued software updates to protect its devices from the FREAK bug. If you recall, the security flaw allows hackers to force weaker encryption on Safari (and Android browser) users visiting certain we...

2 months ago 0 Comments
Post Thumbnail

Google's Project Zero is supposed to goad companies into patching software security flaws before they pose a threat, but that's not exactly how the effort has panned out. As Apple and Microsoft will tell you, the strict 90-day disclosure deadline sometimes leaves developers scrambling to finish pa...

3 months ago 0 Comments
Post Thumbnail

Microsoft isn't the only big tech firm grappling with surprise security flaw disclosures these days. Google's Project Zero security unit revealed at least two unpatched vulnerabilities in OS X (Yosemite appears to have mitigated a third) that theoretically help attackers take control of your Mac. ...

4 months ago 0 Comments
Post Thumbnail

A discovered vulnerability in League of Legends led Riot Games to the conclusion that it not only needed to react to such issues when they arise, but to be more proactive in discovering these weak spots in the game. To wit, the studio has implemented a bug bounty program that will reward players wh...

6 months ago 0 Comments
Post Thumbnail

Microsoft's software isn't immune to the rash of recent web encryption exploits, it seems. The company has discovered (and thankfully, patched) a Windows flaw that lets hackers use the software's Secure Channel technology, which handles SSL and TLS encryption, to compromise PCs. If you're suscepti...

6 months ago 0 Comments
Post Thumbnail

Typically, attacks against your WiFi router require a lengthy attempt to guess any codes and passwords. Not if you use 0xcite's new technique, however; the research firm has detailed a flaw in some router chipsets that lets hackers bypass the push-button security of WiFi Protected Setup (WPS) almo...

9 months ago 0 Comments
Post Thumbnail

Think you're safe from spies because you're using Tails, the same Linux distribution that Edward Snowden uses to remain anonymous? Unfortunately, you'll still have to be on your guard. Security firm Exodus Intelligence has revealed that the latest version of the OS, 1.1, is vulnerable to attacks t...

10 months ago 0 Comments
Post Thumbnail

The world hasn't yet recovered from the Heartbleed vulnerability in OpenSSL and now there's news of a new bug affecting the popular open-source security package. This recently announced, and already patched, exploit could allow an attacker to see and modify traffic between an OpenSSL client and an...

11 months ago 0 Comments
Post Thumbnail

Everyone knows the best way to teach children is to make the learning process fun and engaging; and if we're honest, that methodology works just as well on us big kids, too. Now, even hunting through code for cross-site scripting (XSS) bugs can be entertaining, thanks to a game developed by a play...

12 months ago 0 Comments
Post Thumbnail

Apple has largely avoided the wrath of the Heartbleed security flaw, but it now appears that the company's products aren't completely immune. The crew in Cupertino just updated its most recent AirPort Extreme and Time Capsule WiFi routers to fix a Heartbleed-related vulnerability that surfaces whe...

1 year ago 0 Comments
Post Thumbnail

Read our Heartbleed defense primer? Good, but the fight for your privacy isn't over just yet: you might have to replace your router, too. Cisco Systems and Juniper Networks have announced that the Heartbleed bug -- a flaw in OpenSSL that lets attackers bypass common security protocols -- has been ...

1 year ago 0 Comments