Items tagged with vulnerability

Swedish hacker Emil Kvarnhammar is reporting that an unpublished OS X API — he dubs it a "backdoor" — can be used by nefarious types to gain root access through local users without Administrator status on Mac computers that have not yet been... Read more...
The latest version of Firefox came out at the end of March and brought a lot to the table, although like most browser version jumps nowadays, spotting all of what's new can be difficult. At the forefront, Firefox 37 introduced a "heartbeat" user... Read more...
Threat researcher Zhi Xu is reporting a widespread vulnerability in Google's Android operating system that is capable of exposing up to 49.5% of users to spyware, via a two-front alliance formed between apps downloaded from Google Play and from... Read more...
Whenever a software flaw is discovered and is then patched, it's not often that we'll ever hear about it again (the exceptions are those that do big damage). It's even more rare when we end up hearing about a "medium" bug again four years later... Read more...
It's always fun to see which security flaws get exploited at Pwn2Own, and this year's event has proven to be no exception. In fact, it could be considered to be one of the most exciting events to date, with JungHoon Lee exploiting three major... Read more...
Until the web at large adopts the open HTML5 Read more...
Last January, some six or so months after Edward Snowden exposed much of the NSA's shady behavior to the world, a smartphone was announced that promised unparalleled levels of security. Called BlackPhone, we followed-up a month later to provide a... Read more...
At this point, I think it's safe to call the security level of Adobe's Flash player "asinine". Sometimes, it feels like full-blown OSes, such as Windows, have far fewer bugs. When is the last time you remember having to update your OS with an... Read more...
It's as if Google is looking to start a digital war -- or at least get back at Microsoft for using its minor patents to battle Android. Earlier this month, we reported on a significant Windows bug that Google, through its Project Zero site, exposed... Read more...
Dell's SecureWorks Counter Threat Unit (CTU) has just discovered a new piece of malware that it dubs "Skeleton Key". Besides being one of the coolest-named pieces of malware ever, Skeleton Key... Read more...
Well, this isn't something we see everyday. With Project Zero, Google monitors the discovery of software vulnerabilities, and in the event that one is found, the vendor responsible for it will be contacted. As per Google's own ruling, if a bug is... Read more...
A weakness has been identified that could exist in Android, Windows, and iOS devices that can be used to obtain personal information. Discovered by a team of researchers, the vulnerability revolves... Read more...
When the OpenSSL vulnerability Heartbleed broke cover in April, it felt like it was the only thing that mattered for an entire week. Like many news outlets, we reported on the bug from a number of different angles, and it was all for good reason:... Read more...
In the world of software, it's not uncommon to learn of a program that's implemented vulnerable code for over a decade (Java, anyone?), but where gaming's concerned, that's another story. According... Read more...
1 2 Next