Items tagged with security

Microsoft is plugging a security hole with a new Critical-rated security update. The patch will fix an issue in Windows and OpenType fonts that could expose users to malicious website content. So long as you have automatic updates enabled, your PC will download and install the patch, if it hasn’t already. “This security update resolves a vulnerability in Windows that could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded OpenType fonts,” Microsoft said in a statement. It deems the hole dangerous enough to have released... Read more...
Over the past five years, where the bulk of Microsoft's revenue comes from has skewed quite a bit. As the company begins to transition its Windows OS to become a "service" (and not to mention, largely giving it away for free up-front) and deal with other products that are suffering decreased revenue, the company has been putting a lot of effort into its cloud solutions. Today, Microsoft's Azure platform is huge, and feature-rich. To give an idea of just how much cloud matters to Microsoft, there is a lot of Linux that runs throughout its own solutions. The company would of course prefer its customers... Read more...
Two months after dating website AdultFriendFinder was breached and had its info leaked, the exact same thing is happening to a trio of websites belonging to Avid Life Media, including AshleyMadison. If all of the information stolen does in fact get leaked, it won't bode well for its members. AshleyMadison is a website that promotes infidelity, and it doesn't sugar-coat it. "Life is short. Have an affair" is its tagline. With this breach, though, it should add "As long as you don't mind others knowing about it." The other websites affected include dating websites Cougar Life and Established Men.... Read more...
To quote the Guinness brothers, rewarding security researchers with frequent flier miles in exchange for rooting out system bugs is "brilliant!" That's what United Airlines is doing, and it's already given out two of its highest awards available -- one million miles -- which is enough to redeem for dozens of domestic flights (or less if flying first class). United is the only airline to offer such a program. It was unveiled back in May only weeks before technical woes forced the company to ground its planes on two separate occasions. One was due to an inability to access United's... Read more...
Has the time come to put Adobe's Flash Player plugin out of our misery? Facebook CSO Alex Stamos thinks so. In a series of Twitter posts, Stamos makes a plea for Adobe to set a date to euthanize Flash, allowing the web and Internet users at large to move on to better (and more secure) technologies. The question is, will Adobe do it?Probably not at the sole behest of Stamos, though he isn't the only one calling for an end to Flash. An anonymous group calling it Occupy Flash has been pushing for the same thing for the past few years. The Occupy Flash website has been tweeted out thousands of times,... Read more...
Whether you use Snapchat to send goofy faces to friends and family, or fling more sultry looking photos to a lover, you probably don't want those snapshots falling into the wrong hands. Unfortunately for users in the United Kingdom, new legislation could force messaging applications to be less secure so the government can peep encrypted communications.Apps like WhatsApp, iMessage, and Snapchat would all be banned as currently constructed if the new laws take effect. That's because the legislation being pushed would only allow apps to use encryption if there's a backdoor for government agents. The... Read more...
In the wake of recent security threats that have come to light, Mozilla has made the decision to block Adobe Flash content by default on all versions of its Firefox browser. Mark Schmidt, head of Firefox support at Mozilla and CEO of SupportHacker, announced the change via Twitter on Monday, adding that this is a temporary thing. "BIG NEWS!! All versions of Flash are blocked by default in Firefox as of now. To be clear, Flash is only blocked until Adobe releases a version which isn't being actively exploited by publicly known vulnerabilities," Schmidt said. This has been a bad month for Adobe and... Read more...
We reported last week on a new zero-day vulnerability in Adobe Flash that was revealed following the leak of data from the Italian hacking group "Hacking Team". It's hardly a surprise when such a vulnerability is found in either Flash or Java, and as sad as it is, it's not even surprising to learn that two more have been found. Oy! The latest vulnerabilities, named CVE-2015-5122 and CVE-2015-5123, are considered critical, and affect the Flash player on Windows, OS X, and Linux. A verbatim threat to last week's vulnerability, "successful... Read more...
To quote Ron Burgundy in Anchorman, "Boy, that escalated quickly. I mean that really got out of hand fast." He was referring to a deadly and chaotic showdown between various news stations, but he could have just as easily been talking about a recent security breach at the U.S. Office of Personnel Management (OPM) that's much worse than originally thought. It was initially reported that over 4.2 million current and former federal employees had their personnel data stolen as a result of the massive cybersecurity breach, but the Obama administration has now revealed that an additional... Read more...
Be careful what you post in jest on social networking sites like Twitter, Facebook, and even YouTube, lest the U.S. government labels you as a potential terrorist threat. It's the online world we live in these days, and in an effort to thwart the bad guys (and gals) before they can do harm, a new bill would encourage social media sites to notify federal authorities of online "terrorist activity."According to Reuters, which claims to have seen a text of the bill that was approved by the Senate Intelligence Committee, social media sites would have the green light to tattle on posts that talk about... Read more...
A teenage member of the notorious hacking group Lizard Squad has received a two-year suspended sentence for numerous cyber crimes. All tallied, he was convicted of 50,700 charges related to computer crimes, and in addition to his two-year suspended sentence, he must also undergo monitoring of his online activities. He will not serve any time behind bars.His name is Julius Kivimaki, or "Zeekill" if going by his online handle. The 17-year-old played a role in the distributed-denial-of-service (DDoS) attacks on Microsoft's Xbox Live and Sony's PlayStation Network in December of last year. Ironically... Read more...
This week, something nearly as common as breathing happened: a severe Adobe Flash vulnerability was revealed. How this one came to be, however, is far more interesting than most. Earlier this week, a well-known Italian hacking group called 'Hacking Team' was itself hacked. On Monday, the group's Twitter account was hijacked to post a link to a torrent file that includes about 400GB worth of its data. We're now finding out that this data could have huge repercussions for software vendors and regular consumers alike. Because Hacking Team's efforts largely revolve around exploiting bugs in popular... Read more...
The developers behind the uber-popular Plex media center software have revealed that their databases have been breached, and of course, that means just one thing: you might have a password or two to change. In an email sent to affected users, Plex developers note that only its forum and blog were compromised, and that no financial information is at risk, as that's located on external servers. That doesn't mean that this should be taken too lightly, though, as those who managed to break into the server got away with IP addresses, email addresses, encrypted (hashed + salted) passwords, and perhaps... Read more...
Microsoft's Windows 10 Mobile looks to be a tremendous upgrade over the previous version (the same could be said about the desktop versions as well), and features like "Wi-Fi Sense" could help set it apart from the rest. But, as cool as the feature is, it could become a breeding ground for exploitation. Wi-Fi Sense is a feature of Windows Phone 8.1, and soon Windows 10 Mobile, that allows people to connect to certain networks without effort. It works by tapping into an existing connection to a network that a friend nearby already has access to. By simply being... Read more...
Prev 1 2 3 4 5 Next ... Last