Bug in Android Gmail app allows effective email spoofing
Yan Zhu, a Technology Fellow at the Electronic Frontier Foundation, has unearthed a flaw in the Gmail Android app that can lead to very effective phishing attacks.The flaw is …
BadBarcode: Poisoned barcodes can be used to take over systems
Researchers from Tencent’s Xuanwu Lab have proved that a specially crafted barcode can be used to execute commands on a target system, saddle it with malware, or perform …
Criminals hacked chip-and-PIN system by perfecting researchers’ PoC attack
When in 2010 a team of computer scientists at Cambridge University demonstrated how the chip and PIN system used on many modern payment cards can be bypassed by making the POS …
Hackers are exploiting zero-day flaw in fully patched Adobe Flash
Adobe has released on Tuesday security updates that address multiple vulnerabilities in Reader, Acrobat, and Flash Player. Unfortunately, among the holes plugged in Flash …
Mobile ad network exploited to launch JavaScript-based DDoS attack
A type of DDoS attack that has until now been mostly theoretical has become reality: CloudFlare engineers have spotted a browser-based Layer 7 flood hitting one of its …
Exploit broker offers $1 million for reliable iOS 9 exploit
Here’s a treat for hackers and security researchers who don’t mind selling information about zero-day vulnerabilities to the highest bidder: Zerodium, the zero-day …
Zero-day bugs in Kaspersky and FireEye products found, exploits disclosed
A slew of vulnerabilities – some already patched and some still not – have been revealed to affect several security offerings by some of the most trusted names in …
Security flaws could allow attackers to steal over 100 different cars
Since 2012, a trio of European researchers knew that the Megamos Crypto transponder – used in a over 100 cars manufactured by Audi, Ferrari, Fiat, Cadillac, Volkswagen …
Microsoft issues emergency patch for IE flaw exploited in the wild
Microsoft has pushed out an emergency out-of-band Internet Explorer update, which fixes a critical memory corruption vulnerability (CVE-2015-2502) that is being actively …
Researcher releases exploit for OS X 0-day that gives root access
Italian security researcher Luca Todesco has published PoC exploit code for a newly discovered zero-day privilege escalation flaw affecting OS X Yosemite (v10.10) and …
BitTorrent clients can be made to participate in high-volume DoS attacks
A group of researchers have discovered a new type of DoS attack that can be pulled off by a single attacker exploiting weaknesses in the BitTorrent protocol family.The …
Google plugs Google Admin app sandbox bypass 0-day
After having had some trouble with fixing a sandbox bypass vulnerability in the Google Admin Android app, the Google Security team has finally released on Friday an update …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments