Post Thumbnail

Google's Project Zero is supposed to goad companies into patching software security flaws before they pose a threat, but that's not exactly how the effort has panned out. As Apple and Microsoft will tell you, the strict 90-day disclosure deadline sometimes leaves developers scrambling to finish pa...

12 days ago 0 Comments
February 15, 2015 at 4:59PM
Post Thumbnail

Microsoft isn't the only big tech firm grappling with surprise security flaw disclosures these days. Google's Project Zero security unit revealed at least two unpatched vulnerabilities in OS X (Yosemite appears to have mitigated a third) that theoretically help attackers take control of your Mac. ...

1 month ago 0 Comments
Post Thumbnail

A discovered vulnerability in League of Legends led Riot Games to the conclusion that it not only needed to react to such issues when they arise, but to be more proactive in discovering these weak spots in the game. To wit, the studio has implemented a bug bounty program that will reward players wh...

3 months ago 0 Comments
Post Thumbnail

Microsoft's software isn't immune to the rash of recent web encryption exploits, it seems. The company has discovered (and thankfully, patched) a Windows flaw that lets hackers use the software's Secure Channel technology, which handles SSL and TLS encryption, to compromise PCs. If you're suscepti...

3 months ago 0 Comments
Post Thumbnail

Typically, attacks against your WiFi router require a lengthy attempt to guess any codes and passwords. Not if you use 0xcite's new technique, however; the research firm has detailed a flaw in some router chipsets that lets hackers bypass the push-button security of WiFi Protected Setup (WPS) almo...

6 months ago 0 Comments
Post Thumbnail

Think you're safe from spies because you're using Tails, the same Linux distribution that Edward Snowden uses to remain anonymous? Unfortunately, you'll still have to be on your guard. Security firm Exodus Intelligence has revealed that the latest version of the OS, 1.1, is vulnerable to attacks t...

7 months ago 0 Comments
Post Thumbnail

The world hasn't yet recovered from the Heartbleed vulnerability in OpenSSL and now there's news of a new bug affecting the popular open-source security package. This recently announced, and already patched, exploit could allow an attacker to see and modify traffic between an OpenSSL client and an...

8 months ago 0 Comments
Post Thumbnail

Everyone knows the best way to teach children is to make the learning process fun and engaging; and if we're honest, that methodology works just as well on us big kids, too. Now, even hunting through code for cross-site scripting (XSS) bugs can be entertaining, thanks to a game developed by a play...

9 months ago 0 Comments
Post Thumbnail

Apple has largely avoided the wrath of the Heartbleed security flaw, but it now appears that the company's products aren't completely immune. The crew in Cupertino just updated its most recent AirPort Extreme and Time Capsule WiFi routers to fix a Heartbleed-related vulnerability that surfaces whe...

10 months ago 0 Comments
Post Thumbnail

Read our Heartbleed defense primer? Good, but the fight for your privacy isn't over just yet: you might have to replace your router, too. Cisco Systems and Juniper Networks have announced that the Heartbleed bug -- a flaw in OpenSSL that lets attackers bypass common security protocols -- has been ...

10 months ago 0 Comments
Post Thumbnail

Don't change your password. It's strange advice to hear when the so-called Heartbleed bug is leaving databases all over the web open and exposed, but it's applicable. Yes, security has been compromised for many of your favorite websites and services (including Google, Flickr and Steam, at least in...

10 months ago 0 Comments
Post Thumbnail

Most internet security holes, even the bigger ones, tend to be fairly limited in scope -- there are only so many people using the wrong software or visiting the wrong sites. Unfortunately, that's not true of the newly revealed Heartbleed Bug. The flaw, which affects some older versions of common i...

10 months ago 0 Comments