It’s only been a few days since Apple fixed the nasty certificate-validation “goto fail” vulnerability in iOS and OSX and now word comes that another bug, one that could allow an attacker to monitor keystrokes on iOS 7 devices without the user being any the wiser, also exists.
Browsing Author: Chris Brook
Researchers have discovered a recent campaign that leveraged a Pony botnet controller to steal over $200,000 in Bitcoin and other virtual currencies along with 700,000 user credentials.
Developers with popular dating application Tinder have fixed a vulnerability that up until last year could have allowed users to track other users.
Duo Security acknowledged late last week that it had discovered a vulnerability in its WordPress plugin that could allow a user to bypass two-factor authentication (2FA) on a multisite network.
More than 300,000 credentials were posted on the clipboard website Pastebin.com in the year 2013 alone according to a recent analysis by a Swiss security firm.
A new campaign, dubbed Operation SnowMan, was been spotted leveraging a previously unknown zero-day in Internet Explorer 10 after the U.S. Veterans of Foreign Wars’ website was compromised this week.
Netcraft warns users that it has spotted a number of phony SSL digital certificates posing as legitimate Google, Facebook, GoDaddy, YouTube and iTunes certs.
BlackBerry this week released a new set of privacy guidelines its encouraging third-party app developers to follow to better protect their customers.
Facebook has fixed Instagram to remedy a cross-site request forgery (CSRF) vulnerability that could’ve put some photos users thought were private, out in the open.
Adobe has announced it will release a patch for its Shockwave Player today to fix what it deems are critical vulnerabilities in the platform.