Items tagged with vulnerability

We posted earlier this week about a bizarre bug that strikes when a specific text message is received by an iOS user, either via Messages or SMS. Composed of various unicode characters, receiving this specific message can lock up the device, and... Read more...
Is it possible to take control of an airplane using an infotainment system as a gateway? Chris Roberts, a well-known hacker and security researcher with One World Labs, claims that it is. The FBI... Read more...
Data security research player CrowdStrike is reporting a security flaw that could allow hackers to exploit and take over data centers from within. Given the nasty moniker "VENOM" (for "Virtualized Environment Neglected Operations Manipulation"), the... Read more...
A serious flaw has been discovered in the software component of some routers that feature a Realtek chipset. In particular, routers that utilize a Realtek RTL81XXX chipset and also use the 1.3 SDK (or older, potentially), are vulnerable to an... Read more...
Another day, another story about a poor SSL implementation. According to analytics service SourceDNA, a staggering 1,500 iOS apps are bugged with a gaping HTTPS hole, allowing attackers to intercept traffic that should otherwise be secure. The... Read more...
Swedish hacker Emil Kvarnhammar is reporting that an unpublished OS X API — he dubs it a "backdoor" — can be used by nefarious types to gain root access through local users without Administrator status on Mac computers that have not yet been... Read more...
The latest version of Firefox came out at the end of March and brought a lot to the table, although like most browser version jumps nowadays, spotting all of what's new can be difficult. At the forefront, Firefox 37 introduced a "heartbeat" user... Read more...
Threat researcher Zhi Xu is reporting a widespread vulnerability in Google's Android operating system that is capable of exposing up to 49.5% of users to spyware, via a two-front alliance formed between apps downloaded from Google Play and from... Read more...
Whenever a software flaw is discovered and is then patched, it's not often that we'll ever hear about it again (the exceptions are those that do big damage). It's even more rare when we end up hearing about a "medium" bug again four years later... Read more...
It's always fun to see which security flaws get exploited at Pwn2Own, and this year's event has proven to be no exception. In fact, it could be considered to be one of the most exciting events to date, with JungHoon Lee exploiting three major... Read more...
Until the web at large adopts the open HTML5 Read more...
Last January, some six or so months after Edward Snowden exposed much of the NSA's shady behavior to the world, a smartphone was announced that promised unparalleled levels of security. Called BlackPhone, we followed-up a month later to provide a... Read more...
At this point, I think it's safe to call the security level of Adobe's Flash player "asinine". Sometimes, it feels like full-blown OSes, such as Windows, have far fewer bugs. When is the last time you remember having to update your OS with an... Read more...
It's as if Google is looking to start a digital war -- or at least get back at Microsoft for using its minor patents to battle Android. Earlier this month, we reported on a significant Windows bug that Google, through its Project Zero site, exposed... Read more...
1 2 Next