software
Adobe patches Hacking Team Flash zero-days, update immediately!
Adobe has released new versions of Flash Player, Shockwave Player and Acrobat and Reader, all of which fix critical vulnerabilities that could potentially allow an attacker to …
VMware fixes host privilege escalation bug in Workstation, Player, Horizon View
VMware has issued software updates for VMware Workstation, Player, and Horizon View Client for Windows, which fix relatively serious a host privilege escalation vulnerability …
IIS 6.0 users are heading towards new security dangers
RiskIQ has discovered that 24 of the top 30 FTSE-listed companies in the UK are running web servers that will be out of support in less than a week, posing a potential …
Fake Android battery monitor app thoroughly compromises users’ devices
“Downloading apps from Google Play is a safer proposition than doing it from third party markets, but despite Google using an automated app scanning service …
Data-centric security with RightsWATCH
The fact that sensitive data seems to increasingly follow a pattern of being leaked, lost or stolen, has forced security professionals to rethink how their organizations can …
Major Xen update fixes over 20 vulns, including guest/host escape flaw
The newest version (v4.5.1) of popular hypervisor Xen has been released last week, and includes a bucketload of improvements and bug-fixes, including nearly 20 security …
Vegan and BeEF clash shows how cyber arms race never stops
Cyber attackers and defenders are caught in a permanent to-and-fro dance, coming up with new solutions that break the last one created by their adversaries. An example of this …
Instapaper for Android vulnerable to man-in-the-middle attacks
Bitdefender researchers have discovered that Android app Instapaper is vulnerable to man-in-the-middle attacks that could expose users’ signup/login credentials when logging …
US, UK spies reverse-engineered security software in search for flaws
The UK GCHQ has been actively trying to reverse-engineer popular security software in order find vulnerabilities that can be used to neutralize the protection the software …
Risks from fraudulent mobile apps and unauthorized app stores
Companies spanning retailers, travel companies, media & entertainment, gambling firms and banks have far more mobile apps owned by them or referencing their brand than …
New OpenSSL versions squash LogJam bug
The OpenSSL Project has pushed another update for the eponymous open-source cryptographic library. This one plugs several moderate bugs, one low one, and LogJam …
Serious MitM flaw plugged in latest watchOS version
If you’ve recently bought an Apple Watch, or if you have had one for a while now, but you haven’t updated to the latest watchOS version, now is the time to do it …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users