vulnerability
Scanning the Internet in less than an hour
Scanning the Internet used to be a task that took months, but a new tool created by a team of researchers from the University of Michigan can scan all (or most) of the …
LastPass bug leaks plain text passwords
Users of popular password manager LastPass have been advised to update to the latest version of the software, which incorporates a patch for a recently discovered bug that …
Google delivers patch for Android SecureRandom implementation
An Android security engineer has again confirmed the existence of the vulnerability that made the most popular Bitcoin wallet apps for the platform open to attack, and offered …
Joomla exploit doing rounds, users advised to update
Users who run their sites own sites and use the Joomla CMS but haven’t updated it in a while should do so immediately if they don’t want to see their sites …
Microsoft releases critical fixes for IE and Exchange Server
There’s a remotely exploitable, publicly disclosed, critical remote code execution vulnerability in Microsoft Exchange (MS13-061)! But wait, is it really remotely …
Google increases rewards for Chromium bug reports
It has recently been proved that setting up bug bounties is a cheaper option than hiring full-time bug hunters, and Google’s two bug bounty programs – Google Web …
Windows XP’s approaching retirement will be boon for blackhats
Windows XP, one of Microsoft’s most popular products ever, is scheduled to be retired in April 2014. This means that from that moment on, no updates patching security …
Android security flaw puts Bitcoin users at risk
The Bitcoin Foundation has issued a security advisory warning users that have generated their Bitcoin wallet with an Android app that their Bitcoins can be easily stolen. The …
Microsoft to release three critical fixes
The August 2013 Patch Tuesday advance notification includes a slightly higher volume of fixes than last month, but only 3 of 8 are critical, which is down from July’s 6 …
Compromising Google Accounts and enterprises via flaw in Android SSO
When it comes to Android, Google has traded security for convenience, says Tripwire security researcher Craig Young. During his recent presentation at Def Con in Las Vegas, he …
Advice on Tor use in wake of Freedom Hosting compromise
In the wake of the discovery that someone has compromised Tor hidden services hosted by Freedom Hosting and injected malicious JavaScript aimed at de-anonymizing specific …
Tor users targeted with spyware following anonymous Web-host shutdown
The news that the alleged owner of Freedom Hosting, the internet host for a great number of Tor hidden services, has been arrested and is accused of distributing and promoting …
Featured news
Resources
Don't miss
- How to use Apple’s App Privacy Report to monitor data tracking
- North Korean IT workers are extorting employers, FBI warns
- GUI frontends for GnuPG, the free implementation of the OpenPGP standard
- Juniper enterprise routers backdoored via “magic packet” malware
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw