software
Xen Project plugs critical host hijacking flaw, patch ASAP
The latest security update (XSA-145 through 153) for the popular Xen virtualization software fixes nine issues. Eight of them can lead to Denial of Service, but the ninth is …
US Library of Congress makes tinkering with your car software legal
The US Digital Millennium Copyright Act (DMCA) makes it illegal to circumvent technological measures used to prevent unauthorized access to copyrighted works. But, there are …
One in 20 apps on private PCs are end-of-life
Secunia Research revealed the state of security for PC users in a total of 14 countries, including the US. One in 20 applications on private US PCs are end-of-life and 12 …
WhatsApp collects phone numbers, call duration, and more!
A recent network forensic examination of popular messaging service WhatsApp is offering new details on the data that can be collected from the app’s network from its new …
Cloud-based vulnerability management: Top vendors in the field
With an increasingly fast-paced threat landscape threatening even the most complex network security infrastructures, vulnerability management has become essential.Many vendors …
Oracle releases 154 fixes, plugs click-to-play bypass Java flaw used in attacks
Oracle has released its quarterly patch update that contains 154 security fixes for its various products.What will interest end users the most are the fixes released for Java, …
Review: Change and configuration auditing with Netwrix Auditor 7.0
Netwrix Auditor is a powerful change and configuration auditing platform that leverages the data collected from all parts of the company network to provide detailed …
250+ iOS apps offered on Apple’s App Store found slurping user data
The latest instance of potentially malicious apps tricking Apple App Store’s vetting process comes courtesy of Youmi, a China-based mobile advertising provider whose …
Consumers increasingly adopting personal security measures
With the increase of personal data being stored on mobile devices, a new survey showed that 61 percent of wireless consumers use PINs/passwords, up 20 percent from the survey …
GnuPG 2.1.9 released
The GNU Privacy Guard (GnuPG) is a complete and free implementation of the OpenPGP standard which is commonly abbreviated as PGP. It allows to encrypt and sign data and …
500 million users at risk of compromise via unpatched WinRAR bug
A critical vulnerability has been found in the latest version of WinRAR, the popular file archiver and compressor utility for Windows, and can be exploited by remote attackers …
Yahoo open-sources Gryffin, a large scale web security scanning platform
Yahoo has open-sourced Gryffin, a scanning platform for web applications.The developers’ goal was to create a security scanner that will be able to both discover as much …
Featured news
Resources
Don't miss
- Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
- The Zoom attack you didn’t see coming
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
- The UK’s phone theft crisis is a wake-up call for digital security
- Securing digital products under the Cyber Resilience Act