Items tagged with vulnerability
by
Rob Williams - Tue, Dec 29, 2015
2015 has proven to be a massive year for Adobe's Flash plugin, but for all the wrong reasons. Flash is already infamous for being one of the most vulnerable pieces of software on the planet, but in 2015, 316 bugs were found and squashed. That comes out to about 6 bugs per week for a piece of...
Read more...
by
Rob Williams - Sat, Nov 21, 2015
We've talked lots in the past about vulnerabilities that hit home and enterprise routers, but not quite as much about cable modems, where the importance of good security is arguably even more paramount. The reason for that is that most...
Read more...
by
Rob Williams - Fri, Nov 06, 2015
Security firm Lookout has just revealed what could be one of the most hard-hitting pieces of malware to ever hit Android. It doesn't have an official name, except to be referred to as "trojanized adware", and right from the top, we can...
Read more...
by
Rob Williams - Sun, Oct 04, 2015
Mere days after it was revealed that crowdfunding website Patreon had been breached, the entire collection of stolen digital goods has been posted online. Making this leak even more severe than typical ones is that not only is user account...
Read more...
by
Rob Williams - Tue, Sep 15, 2015
Where computer security is concerned, it almost seems like unauthorized access can be granted via an unlimited number of ways. While computer security in the home is obviously very important, having good defenses in the enterprise market...
Read more...
by
Rob Williams - Mon, Sep 07, 2015
Here we go again. Researchers for Tangible Security have discovered three major vulnerabilities which strike at least three different Seagate enclosures - the Seagate Wireless Plus Mobile Storage, Seagate Wireless Mobile Storage, and LaCie...
Read more...
by
Rob Williams - Fri, Jul 24, 2015
We reported earlier this week that a Jeep Cherokee could be remotely accessed and controlled, and I wouldn't blame anyone for being a skeptic. After all, what are the chances of someone remote being able to disable the transmission? Well...
Read more...
by
Joshua Gulick - Tue, Jul 21, 2015
Microsoft is plugging a security hole with a new Critical-rated security update. The patch will fix an issue in Windows and OpenType fonts that could expose users to malicious website content. So long as you have automatic updates enabled...
Read more...
by
Rob Williams - Mon, Jul 13, 2015
We reported last week on a new zero-day vulnerability in Adobe Flash that was revealed following the leak of data from the Italian hacking group "Hacking Team". It's hardly a surprise when such a vulnerability is found in either Flash...
Read more...
by
Rob Williams - Wed, Jul 08, 2015
This week, something nearly as common as breathing happened: a severe Adobe Flash vulnerability was revealed. How this one came to be, however, is far more interesting than most. Earlier this week, a well-known Italian hacking group called...
Read more...
by
Kory Kessel - Thu, Jun 11, 2015
Jan Souček, a security researcher from Prague, has uncovered a vulnerability in the security of the iOS Mail application that nefarious types can deploy against users of the app to gain access to their iCloud passwords.
The method...
Read more...
by
Rob Williams - Wed, Jun 03, 2015
After mainboard vendors began adopting EFI en masse in recent years, security researchers all over have dissected the many different implementations out there to find that elusive crippling bug. Sometimes, though, such bugs are not...
Read more...
by
Rob Williams - Wed, Jun 03, 2015
It's beginning to look like the latest hotness in the vulnerability world is crashing applications with simple strings of text. We just talked about such a bug that's stricken iOS a mere week ago, and already another one has come to the...
Read more...
by
Rob Williams - Sun, May 31, 2015
Given their importance, it'd be easy to believe that an institution such as the IRS would have sufficient security measures in place to protect our data - the tax information of everyone in the United States. As we discovered last week...
Read more...
by
Rob Williams - Fri, May 29, 2015
We posted earlier this week about a bizarre bug that strikes when a specific text message is received by an iOS user, either via Messages or SMS. Composed of various unicode characters, receiving this specific message can lock up the...
Read more...
by
Rob Williams - Sat, May 16, 2015
Is it possible to take control of an airplane using an infotainment system as a gateway? Chris Roberts, a well-known hacker and security researcher with One World Labs, claims that it is. The FBI, who is investigating Roberts' claims, is...
Read more...
by
Kory Kessel - Thu, May 14, 2015
Data security research player CrowdStrike is reporting a security flaw that could allow hackers to exploit and take over data centers from within. Given the nasty moniker "VENOM" (for "Virtualized Environment Neglected Operations...
Read more...
by
Rob Williams - Wed, Apr 29, 2015
A serious flaw has been discovered in the software component of some routers that feature a Realtek chipset. In particular, routers that utilize a Realtek RTL81XXX chipset and also use the 1.3 SDK (or older, potentially), are vulnerable to...
Read more...
by
Rob Williams - Tue, Apr 21, 2015
Another day, another story about a poor SSL implementation. According to analytics service SourceDNA, a staggering 1,500 iOS apps are bugged with a gaping HTTPS hole, allowing attackers to intercept traffic that should otherwise be...
Read more...
by
Kory Kessel - Fri, Apr 10, 2015
Swedish hacker Emil Kvarnhammar is reporting that an unpublished OS X API — he dubs it a "backdoor" — can be used by nefarious types to gain root access through local users without Administrator status on Mac computers that have not yet...
Read more...
by
Rob Williams - Tue, Apr 07, 2015
The latest version of Firefox came out at the end of March and brought a lot to the table, although like most browser version jumps nowadays, spotting all of what's new can be difficult. At the forefront, Firefox 37 introduced a...
Read more...
by
Kory Kessel - Wed, Mar 25, 2015
Threat researcher Zhi Xu is reporting a widespread vulnerability in Google's Android operating system that is capable of exposing up to 49.5% of users to spyware, via a two-front alliance formed between apps downloaded from Google Play and...
Read more...