vulnerability
WhiteHat Aviator browser is not secure, says Google developer
Late last week WhiteHat Security open sourced Aviator, its Chromium-based browser that has been marketed as “the most secure browser online.” The browser offers …
Corel DLL hijacking vulnerability could allow arbitrary command execution
Corel has developed a wide range of products including graphics, photo, video and office software. When a file associated with the Corel software is opened, the directory of …
Microsoft scolds Google for lack of flexibility in vulnerability disclosure
Microsoft is not pleased with Google’s recent release of the details of a zero-day Windows 8.1 vulnerability and the code that can be used to exploit it, and has …
Asus wireless router flaw opens network to local attackers
A researcher has discovered a security hole in the firmware of several wireless Asus router models which could be exploited by an attacker to gain complete control of the …
OpenSSL release patches 8 vulnerabilities
The OpenSSL Project has released updates for the popular eponymous open-source library that implements the SSL and TLS protocols. The new releases – 1.0.1k, 1.0.0p and …
Gogo in-flight WiFi service serves fliers fake Google certs
Gogo, a noted provider of in-flight broadband Internet service, has been spotted serving a fake Google SSL certificate to fliers trying to access YouTube, effectively …
Moonpig shamed for not fixing customer data exposing flaw
Moonpig, a popular UK-based firm that sells personalised greeting cards, has put the personal and financial information of over 3 million of its customers in danger by using a …
The hidden dangers of third party code in free apps
Research from MWR InfoSecurity has shown the various ways hackers can abuse ad networks by exploiting vulnerabilities in free mobile apps. When people install and use free …
Critical flaw on over 12M routers allows device hijacking, network compromise
A critical, easy to exploit vulnerability that opens more than 12 million SOHO routers around the world to remote compromise has been discovered by Check Point researchers. …
Critical Git flaw allows attackers to compromise developers’ machines
A critical vulnerability affecting all versions of the official Git client and all related software that interacts with Git repositories has been found and patched, and …
Researchers confirm multiple Google App Engine security sandbox bypasses
Polish firm Security Explorations, which announced last week that they found over 30 serious security issues in the Java security sandbox of the Google App Engine (GAE), has …
Two newcomers in the exploit kit market
Exploit kits are a great means to an end for malware distributors, who either buy them or rent them in order to widely disseminate their malicious wares. It’s no wonder …