The Microsoft Enhanced Mitigation Experience Toolkit, short EMET, is an optional download for all supported client and server versions of Microsoft’s Windows operating system that adds exploit mitigation to theRead More →
Yesterday’s update of the encryption software VeraCyrpt fixed two vulnerabilities that security researcher James Forshaw discovered in TrueCrypt’s source code. TrueCrypt, which has been abandoned by its developers, is stillRead More →
Yahoo’s developers have open-sourced Gryffin, a security scanner for Web content, specifically designed to cut down the number of false positives and also work at very large scales. Yahoo hasRead More →
In case didn’t know or need a reminder, browser cookies aren’t exactly impervious to attack. The DHS-sponsored CERT at the Software Engineering Institute at Carnegie Mellon University this week droppedRead More →
Once again, fully patched iPhone lock screens can be bypassed with a few keystrokes. iPhone users have yet another screenlock bypass vulnerability to watch out for, according to a newRead More →
Cisco pushed out on Wednesday its usual semiannual round of patches for IOS, the software the company uses for most of its routers and switches. This month’s security advisories addressedRead More →
TV starlet offers iCloud access, photoshopped nudes, to bait voyeur hackers. The chief hacker behind the infamous iCloud celebrity hacks has revealed in a documentary how the group dubbed RipSecRead More →
Antivirus applications and other security software are supposed to make users more secure, but a growing body of research shows that in some cases, they can open people to hacksRead More →
Security researchers at VerSprite have tested and discovered a few vulnerabilities in Western Digital’s My Cloud NAS (Network Attached Storage) hard drive, marketed by the company as your own personalRead More →
The proliferation of independent and vendor-sponsored bug bounties has not only put some money in researchers’ pockets, but has also forced enterprises—and software makers—to put processes in place to handleRead More →
Here’s a treat for hackers and security researchers who don’t mind selling information about zero-day vulnerabilities to the highest bidder: Zerodium, the zero-day vulnerability and exploit acquisition firm recently launchedRead More →
Adobe has released a Flash Player update that addresses 23 critical vulnerabilities in the software, many which can lead to code execution. Version 18.0.0.231 and earlier of Flash Player forRead More →
New Android malware was discovered, able to steal money from online banking accounts, and hide SMS notifications coming to confirm financial transactions. This new malware detected by Dr.Web as theRead More →
A simple mistake by networking gear manufacturer D-Link could have opened the door for costly damage. Private keys used to sign software published by D-Link were found in the company’sRead More →
SharePoint, one of the tools included with Microsoft Office’s server suite, has been patched to protect users from a persistent XSS (cross-site scripting) flaw which could expose their private information.Read More →
Proof-of-concept exploit installs malicious app on nearby iPhones. Apple has mitigated a critical iOS vulnerability that allows attackers within Bluetooth range of an iPhone to install malicious apps using theRead More →
Android devices may be protected by a lock screen which requires some form of authentication before access to most phone features, its settings and the data stored on it isRead More →
WordPress core engine security vulnerabilities aren’t rare, but they are uncommon. Most issues affecting the integrity of sites running on the content management system are introduced by third-party plugins andRead More →
