Items tagged with vulnerability
With critical vulnerabilities like Meltdown and Spectre having been disclosed to the public, it's clearer than ever that more eyeballs are needed when it comes to making sure that our software and hardware is secure. Not long after Intel suffered the bulk of fallout from Meltdown and Spectre, the company bolstered its...
Read more...
Researchers at Purdue University and the University of Iowa have just exposed a list of LTE vulnerabilities that could create quite a headache for carriers (and consumers) if not fixed soon. Using a framework the researchers call LTEInspector, eight of the ten new vulnerabilities were tested as working on a testbed...
Read more...
There are a number of ways to tell if your computer is vulnerable to the Spectre or Meltdown security exploits that have been making rounds over the last several weeks. For instance, Microsoft has a tool that will analyze your rig and tell you, but it is a PowerShell script that gives you results that you almost need...
Read more...
There might not be a storage medium that's definitively indestructible, or perfectly reliable, but solid-state storage would rank near the top. A hard drive, for example, might be able to house a large amount of data, but if it's dropped to the ground, or its host PC is bumped hard enough, all of that data could...
Read more...
Last Friday, we reported on a major cyberattack involving ransomeware that hit a large number of computers - including some belonging to the UK's National Health Service. At first, the malware's reach wasn't too clear, but as the weekend went on, we learned that the number of affected PCs reached at least 200,000...
Read more...
We can't seem to go a single week without news of a severe vulnerability out there in the wild, and it looks like our streak isn't about to end. Not too long ago, a number of NSA-derived tools were released online, giving us an idea of how desperate the folks at one of the US government's leading intelligence agencies...
Read more...
What's that in the air? Could it be the smell of egg nog and pine? Nope, it's Microsoft Patch Tuesday, of course! This month's rollout is rather large and notable for a number of reasons. However, what matters most is that if you're not up-to-date yet, you'll want to take a little trip to the Windows Update section...
Read more...
As unfortunate as it is, it's really hard nowadays to be shocked at the thought of someone getting infected with malware, or even a piece of ransomware (which can now even affect Linux). It is still possible to get shocked though, with Betabot proving it for us. This piece of malicious software doesn't just fetch user...
Read more...
If you operate a Web server that runs on Linux, we're here to give you a bit of a prod in case you haven't updated it in a while. A piece of ransomware called FairWare is floating around, and as you'll soon see, its name is ironic as it's anything but "fair".
Reports are coming in of users who have been struck with...
Read more...
We reported earlier this week on a large collection of exploits that have been put up for auction by a group that calls itself Shadow Brokers. The promise was that all of the files were sourced from a secret NSA group called Equation Group, and now, Edward Snowden has released documents to prove that's just the...
Read more...
We wrote a couple of days ago about a huge treasure trove of alleged NSA-derived exploits that were hitting the market. That gold mine was accessed by a group calling itself Shadow Brokers, and it's been said that their source was Equation Group, which is believed to be an extension of the NSA.
At that time, there...
Read more...
Nothing beats wireless for convenience, but whenever you transmit important data through the air, there's a risk that someone could be nearby, ready to intercept the signals before they reach their destination. If this sounds familiar, it might be because we talked about this very thing earlier this year, when...
Read more...
With Nintendo's latest game - a mobile one, at that - the company has proven that there is still a lot of innovating to do in the market. While Pokemon GO is based on another title, Ingress, any game is going to have a greater chance of success when it features one of the most popular franchises ever. GO isn't just...
Read more...
It's beginning to look like some rather sophisticated hackers have made their way into Apple's core and crippled iCloud security so severely that some iPhones have essentially been held hostage. A few iPhones here and there might not seem like a big deal, but ultimately, there could be a staggering 40 million iCloud...
Read more...
We wrote earlier about the kind of success Google has been seeing with its Android bug bounty program -- success that has led the company to actually increase its rewards. Over the years, we've seen other major companies offer bug bounties as well, such as Facebook and Microsoft, so it's clear that they can provide...
Read more...
If you've shopped at Acer's US website at any point between May 12, 2015 and April 28, 2016, you have immediate reason for concern. Acer has just revealed to the California Attorney General's office that its ecommerce servers were hit last spring, and remained vulnerable up until this spring. Unfortunately, this isn't...
Read more...
It has been suggested that the microprocessors we use each and every day could pack in a bit more than we bargained for; namely, the tools needed for spying or undetectable access. And unfortunately, according to security researcher and developer Damien Zammit, there's a potential reason to be concerned over the "ME"...
Read more...
The greatest benefit wireless peripherals offer is what they help cut down on: wires. Fewer wires means that our desktops are easier to keep clean, and we're not kicking wires as often under our desk. It's a win-win overall. Or is it? As with most things convenient, wireless peripherals can suffer exploits just like...
Read more...
It's not often that people feel compelled to side with Google on the topic of privacy, but the company's newest CEO, Sundar Pinchai, gives us a great reason to. As Brandon covered in great detail yesterday, Apple has been ordered by U.S. Magistrate Judge Sheri Pym to provide the FBI access to an iPhone 5c that was...
Read more...
If you're surfing the Internet with a browser (a rarity, we know), there's a new bug to be cautious of. With a bit of simple JavaScript, a browser's HTML5 History API can be called upon thousands of times, ultimately causing a meltdown. Of course, a dedicated website (CrashSafari.com) exists to act as a proof of...
Read more...
2015 has proven to be a massive year for Adobe's Flash plugin, but for all the wrong reasons. Flash is already infamous for being one of the most vulnerable pieces of software on the planet, but in 2015, 316 bugs were found and squashed. That comes out to about 6 bugs per week for a piece of software that's used by the vast majority of notebook
Read more...
We've talked lots in the past about vulnerabilities that hit home and enterprise routers, but not quite as much about cable modems, where the importance of good security is arguably even more paramount. The reason for that is that most often, customers do not have control over the firmware in such devices. If a...
Read more...
