vulnerability
Chrome bugs allow websites to listen in on your conversations
Several security flaws in the popular Google Chrome browser can be exploited to turn the computer into a surreptitious listening device, claims Israeli developer Tal Ater. As …
Starbucks fixes password-related flaw in its iOS app
If you have followed last week’s hullabaloo about the Starbucks iOS app found storing passwords and location coordinates in clear text, and you have been worried about …
Light Patch Tuesday delivers four bulletins
With only four bulletins, this month’s release is the lightest in recent memory. Markedly missing are any bulletins for Internet Explorer and not a single bulletin is …
Light Patch Tuesday coming up
2014 is getting off to a light start with Microsoft. Only four advisories in the January advance notification. For the first time in a while, there is not a cumulative IE roll …
Triggering deep vulnerabilities using symbolic execution
Symbolic Execution (SE) is a powerful way to analyze programs. Instead of using concrete data values SE uses symbolic values to evaluate a large set of parallel program paths …
Yahoo visitors got served with malicious ads
Visitors to the main Yahoo domain have been targeted with malicious ads that redirected them to an exploit kit serving different types of malware, the Dutch security audit …
Snapchat makes no apology for breach, announces app update
One good thing to come from the leak of usernames and phone numbers of some 4.6 million Snapchat users is that the company is now forced to patch the exploited …
Critical backdoor in Linksys and Netgear routers found
A backdoor in some Linksys and Netgear wireless routers that allows malicious users to reset the devices’ configuration to factory settings and, therefore, to default …
OpenX / Revive Adserver zero-day actively exploited in the wild
A zero-day vulnerability that allows attackers to gain back-end access to popular open-source advertising server OpenX Source has been discovered by Florian Sander, founder of …
Mozilla blocks rogue add-on that made computers scan sites for flaws
A singular new botnet composed of over 12,500 infected computers has been used by its masters to effectively crowdsource the search for websites vulnerable to SQL injection …
Flaw in Nvidia’s rendering software allows hijacking of “computer farms”
A vulnerability in Nvidia mental ray, an extremely popular 3D-rendering software that is often used on “render farms”, could allow attackers to take control of …
Microsoft fixes 24 vulnerabilities
This Patch Tuesday features a solid 11 advisories affecting 6 different product types. All supported versions of Windows, Office, SharePoint, Exchange, Lync and a mixed bag of …
Featured news
Sponsored
Don't miss
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints