Post Thumbnail

It won't surprise you to hear that governments are eager to buy unpatched security exploits for the sake of cyberdefense or surveillance, but they're rarely overt about it. No one must have told that to the US Navy until this week, however. The Electronic Frontier Foundation caught the military...

June 14th 2015 at 5:20pm 0 Comments
Post Thumbnail

Google's Project Zero is supposed to goad companies into patching software security flaws before they pose a threat, but that's not exactly how the effort has panned out. As Apple and Microsoft will tell you, the strict 90-day disclosure deadline sometimes leaves developers scrambling to finish pa...

February 15th 2015 at 4:59pm 0 Comments
Post Thumbnail

Microsoft isn't the only big tech firm grappling with surprise security flaw disclosures these days. Google's Project Zero security unit revealed at least two unpatched vulnerabilities in OS X (Yosemite appears to have mitigated a third) that theoretically help attackers take control of your Mac....

January 23rd 2015 at 3:33pm 0 Comments
Post Thumbnail

Whether or not you believe that North Korea hacked Sony Pictures, one thing is becoming apparent: whoever's responsible knew what they were doing. Sources for Recode understand that the perpetrators took advantage of a zero-day exploit, or a software security hole that hadn't been patched yet. The...

January 20th 2015 at 2:53pm 0 Comments
Post Thumbnail

Ever since he was released from prison, legendary hacker (and social engineering expert) Kevin Mitnick has spent much of his time helping companies protect against internet attacks. However, his security consulting work recently entered murky territory. He's now offering the Absolute Zero Day Ex...

September 24th 2014 at 2:39pm 0 Comments
Post Thumbnail

Oracle has released an official fix for the Java security flaw that was reported by CERT (the Computer Emergency Readiness Team) on January 11. Shortly after the flagging by CERT, Apple took steps to disable the Java plug-in on all Macs running OS X 10.6 or later by amending the XProtect malware/...

January 14th 2013 at 9:00am 0 Comments
Post Thumbnail

It didn't manage to do it during the most recent Pwn2Own challenge, but VUPEN Security is now claiming that it has finally managed to hack Google's Chrome browser and crack its so-called "sandbox." According to the firm, the exploit relies on some newly discovered zero day vulnerabilities, work...

May 10th 2011 at 10:02am 0 Comments
Post Thumbnail

Apple has released a slew of updates in the last few days, including a security update that fixes the Zero Day bugs discovered by Charlie Miller and revealed at CanSecWest. In addition to the MacBook Pro and MobileMe Backup updates, Apple has also released: 27-inch iMac SMC Firmware Update 1.0 This...

April 14th 2010 at 5:45pm 0 Comments
Post Thumbnail

Charles Miller, a computer security researcher who's worked with the NSA, is planning to reveal 20 zero-day security holes in Mac OS X at CanSecWest, a digital security conference, in Vancouver BC next week. A zero-day security hole is a weakness in software that neither the makers of the software n...

March 20th 2010 at 5:00pm 0 Comments
Post Thumbnail

Say, Charles -- it's been awhile! But we're pleased as punch to see that you're back to your old ways, poking around within OS X's mainframe just looking for ways to remotely control the system, snag credit card data and download a few interoffice love letters that are carefully stashed 15 folders d...

March 19th 2010 at 9:29am 0 Comments
Post Thumbnail

A hacker who found a vulnerability in QuickTime said he posted the attack code online after Apple ignored him for a month. The code exploits a flaw in QuickTime that causes a crash when a unusually-long parameter is passed along with a movie file. While it's not demonstrated, the hacker claims that...

September 18th 2008 at 12:00pm 0 Comments