Items tagged with vulnerability
2015 has proven to be a massive year for Adobe's Flash plugin, but for all the wrong reasons. Flash is already infamous for being one of the most vulnerable pieces of software on the planet, but in 2015, 316 bugs were found and squashed. That comes out to about 6 bugs per week for a piece of...
Read more...
We've talked lots in the past about vulnerabilities that hit home and enterprise routers, but not quite as much about cable modems, where the importance of good security is arguably even more paramount. The reason for that is that most...
Read more...
Security firm Lookout has just revealed what could be one of the most hard-hitting pieces of malware to ever hit Android. It doesn't have an official name, except to be referred to as "trojanized adware", and right from the top, we can...
Read more...
Mere days after it was revealed that crowdfunding website Patreon had been breached, the entire collection of stolen digital goods has been posted online. Making this leak even more severe than typical ones is that not only is user account...
Read more...
Where computer security is concerned, it almost seems like unauthorized access can be granted via an unlimited number of ways. While computer security in the home is obviously very important, having good defenses in the enterprise market...
Read more...
Here we go again. Researchers for Tangible Security have discovered three major vulnerabilities which strike at least three different Seagate enclosures - the Seagate Wireless Plus Mobile Storage, Seagate Wireless Mobile Storage, and LaCie...
Read more...
We reported earlier this week that a Jeep Cherokee could be remotely accessed and controlled, and I wouldn't blame anyone for being a skeptic. After all, what are the chances of someone remote being able to disable the transmission? Well...
Read more...
Microsoft is plugging a security hole with a new Critical-rated security update. The patch will fix an issue in Windows and OpenType fonts that could expose users to malicious website content. So long as you have automatic updates enabled...
Read more...
We reported last week on a new zero-day vulnerability in Adobe Flash that was revealed following the leak of data from the Italian hacking group "Hacking Team". It's hardly a surprise when such a vulnerability is found in either Flash...
Read more...
This week, something nearly as common as breathing happened: a severe Adobe Flash vulnerability was revealed. How this one came to be, however, is far more interesting than most. Earlier this week, a well-known Italian hacking group called...
Read more...
Jan Souček, a security researcher from Prague, has uncovered a vulnerability in the security of the iOS Mail application that nefarious types can deploy against users of the app to gain access to their iCloud passwords.
The method...
Read more...
After mainboard vendors began adopting EFI en masse in recent years, security researchers all over have dissected the many different implementations out there to find that elusive crippling bug. Sometimes, though, such bugs are not...
Read more...
It's beginning to look like the latest hotness in the vulnerability world is crashing applications with simple strings of text. We just talked about such a bug that's stricken iOS a mere week ago, and already another one has come to the...
Read more...
Given their importance, it'd be easy to believe that an institution such as the IRS would have sufficient security measures in place to protect our data - the tax information of everyone in the United States. As we discovered last week...
Read more...
We posted earlier this week about a bizarre bug that strikes when a specific text message is received by an iOS user, either via Messages or SMS. Composed of various unicode characters, receiving this specific message can lock up the...
Read more...
Is it possible to take control of an airplane using an infotainment system as a gateway? Chris Roberts, a well-known hacker and security researcher with One World Labs, claims that it is. The FBI, who is investigating Roberts' claims, is...
Read more...
Data security research player CrowdStrike is reporting a security flaw that could allow hackers to exploit and take over data centers from within. Given the nasty moniker "VENOM" (for "Virtualized Environment Neglected Operations...
Read more...
A serious flaw has been discovered in the software component of some routers that feature a Realtek chipset. In particular, routers that utilize a Realtek RTL81XXX chipset and also use the 1.3 SDK (or older, potentially), are vulnerable to...
Read more...
Another day, another story about a poor SSL implementation. According to analytics service SourceDNA, a staggering 1,500 iOS apps are bugged with a gaping HTTPS hole, allowing attackers to intercept traffic that should otherwise be...
Read more...
Swedish hacker Emil Kvarnhammar is reporting that an unpublished OS X API — he dubs it a "backdoor" — can be used by nefarious types to gain root access through local users without Administrator status on Mac computers that have not yet...
Read more...
The latest version of Firefox came out at the end of March and brought a lot to the table, although like most browser version jumps nowadays, spotting all of what's new can be difficult. At the forefront, Firefox 37 introduced a...
Read more...
Threat researcher Zhi Xu is reporting a widespread vulnerability in Google's Android operating system that is capable of exposing up to 49.5% of users to spyware, via a two-front alliance formed between apps downloaded from Google Play and...
Read more...
