Post Thumbnail

Microsoft isn't the only big tech firm grappling with surprise security flaw disclosures these days. Google's Project Zero security unit revealed at least two unpatched vulnerabilities in OS X (Yosemite appears to have mitigated a third) that theoretically help attackers take control of your Mac. ...

3 days ago 0 Comments
January 23, 2015 at 3:33PM
Post Thumbnail

Whether or not you believe that North Korea hacked Sony Pictures, one thing is becoming apparent: whoever's responsible knew what they were doing. Sources for Recode understand that the perpetrators took advantage of a zero-day exploit, or a software security hole that hadn't been patched yet. The...

6 days ago 0 Comments
Post Thumbnail

Microsoft's software isn't immune to the rash of recent web encryption exploits, it seems. The company has discovered (and thankfully, patched) a Windows flaw that lets hackers use the software's Secure Channel technology, which handles SSL and TLS encryption, to compromise PCs. If you're suscepti...

2 months ago 0 Comments
Post Thumbnail

If you're using Samsung's Find My Mobile service to keep tabs on your Galaxy phone's whereabouts, you may want to stop using it for a while. Both NIST and security researcher Mohamed Baset are warning about an exploit that lets evildoers remotely lock, ring or wipe Samsung smartphones. As it turns...

3 months ago 0 Comments
Post Thumbnail

Don't get too comfy just because companies are rolling out patches for the Shellshock security bug -- as it turns out, even updated websites and devices remain at risk. Developers are reporting that they can still run any code they like (and thus hijack systems) through the bash command shell simp...

4 months ago 0 Comments
Post Thumbnail

Apparently, the internet has more deep-seated security bugs to worry about than Heartbleed. Researchers have discovered a longstanding flaw in a common Unix command shell (bash) for Linux and Macs that lets attackers run any code they want as soon as the shell starts running. They can effectively ...

4 months ago 0 Comments
Post Thumbnail

Ever since he was released from prison, legendary hacker (and social engineering expert) Kevin Mitnick has spent much of his time helping companies protect against internet attacks. However, his security consulting work recently entered murky territory. He's now offering the Absolute Zero Day Expl...

4 months ago 0 Comments
Post Thumbnail

If you're an iPhone user, you may want to be cautious about opening messages that contain phone numbers in the near future; they may cost you a lot of money. Developer Andrei Neculaesei notes that maliciously coded links in some apps will abuse the "tel" web handler (which covers dialing) to autom...

5 months ago 0 Comments
Post Thumbnail

People have been airing their dirty laundry and slinging shade on Secret -- an anonymous sharing app -- for months now. Who could blame them? It's fun, it's freeing and accountability basically doesn't exist there... or so some may believe. Kevin Poulson at Wired spoke to a security researcher nam...

5 months ago 0 Comments
Post Thumbnail

Think you're safe from spies because you're using Tails, the same Linux distribution that Edward Snowden uses to remain anonymous? Unfortunately, you'll still have to be on your guard. Security firm Exodus Intelligence has revealed that the latest version of the OS, 1.1, is vulnerable to attacks t...

6 months ago 0 Comments
Post Thumbnail

It's easy for someone in your home to interrupt your Chromecast stream and play something of their own, but you can always retake control... right? Well, don't count on it. Analyst Dan Petro has built the Rickmote Controller, a proof-of-concept device that hijacks Google's media stick to play ever...

6 months ago 0 Comments
Post Thumbnail

While we wait for Google I/O (which starts tomorrow) to find out what will become of the company's TV platform, a team that we've seen bust open the padlocks on Google TV, Chromecast and Roku has a new target. GTVHacker just revealed an exploit for the (now Google-owned, and owner of Dropcam) Nest...

7 months ago 0 Comments
Post Thumbnail

It only makes sense that putting a TV online theoretically exposes it to hackers, but it's now clear that those hacks don't have to go through conventional internet pipelines. A team of Columbia University researchers has published details of a vulnerability in an interactive TV standard (HbbTV) t...

7 months ago 0 Comments
Post Thumbnail

The world hasn't yet recovered from the Heartbleed vulnerability in OpenSSL and now there's news of a new bug affecting the popular open-source security package. This recently announced, and already patched, exploit could allow an attacker to see and modify traffic between an OpenSSL client and an...

7 months ago 0 Comments
Post Thumbnail

Apple has largely avoided the wrath of the Heartbleed security flaw, but it now appears that the company's products aren't completely immune. The crew in Cupertino just updated its most recent AirPort Extreme and Time Capsule WiFi routers to fix a Heartbleed-related vulnerability that surfaces whe...

9 months ago 0 Comments