iOS 8 fixes bucketload of severe security bugs
Apple has released the latest version of its mobile OS on Wednesday, and in it has fixed over 50 vulnerabilities, many of which are very serious: Two vulnerabilities allowed a …
Malicious eBay listings redirect users to phishing site
An IT worker from Scotland who is also an “eBay PowerSeller” has discovered an eBay listing for an iPhone that was rigged to redirect potential buyers to a spoofed …
Free tool simplifies SHA-2 migration for system administrators
DigiCert released a free tool which helps system administrators analyze their use of SHA-1 hashing algorithms across all domains and subdomains and map out a path for SHA-2 …
Hackers penetrated systems of key defense contractors
Hackers associated with the Chinese government successfully penetrated the computer systems of U.S. Transportation Command contractors at least 20 times in a single year, …
Critical Android Browser bug threatens users’ privacy
Earlier this month, security researcher Rafay Baloch has released a proof-of-concept exploit that takes advantage of a vulnerability in an Android Browser’s security …
Tinba Trojan targets major US banks
Tinba, the tiny (20 KB) banking malware with man-in-the-browser and network traffic sniffing capabilities, is back. After initially being made to target users of a small …
Apple adds two-step verification for iCloud
Apple has announced that the two-step verification option for iCloud accounts now also extends to iCloud backups, preventing attackers who know the target’s password …
Macro based malware is on the rise
Malware authors have a rediscovered their love for Visual Basic, as the percentage of macro based malware rose from around 6% of all document malware in June to 28% in July, …
72% of businesses don’t trust cloud vendors
There is widespread mistrust of cloud providers across Europe with seven in 10 businesses accusing them of failing to comply with laws and regulations on data protection and …
Citadel malware becomes APT tool in newest hacking campaign
APT attackers wielding a newer, more dangerous versions of the Citadel malware have been targeting a number of Middle Eastern petrochemical companies, Trusteer researchers …
XSS bug allows Amazon account hijacking
A recurring XSS bug in Amazon’s Kindle Library, i.e. the “Manage your Kindle” web application, can be exploited by attackers looking to hijack users’ …
Internet giants band together to improve open source programs
A group of companies that includes Facebook, Google, Dropbox, GitHub and Khan Academy has announced a new collaboration that will focus on making open source “easier for …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade