There is a critical vulnerability in millions of Android devices that allows a malicious app to impersonate a trusted application in a transparent way, enabling an attacker to take a number of actions, including inserting malicious code into a legitimate app or even take complete control of an affected device. The vulnerability is a result[...]
Browsing Category: Cryptography
Researchers at Citizen Lab have taken a close look at the extent of Internet filtering in Iraq, as well as the security of a popular offline chat app used there, and found an increase in the number of services blocked by the government and identified serious privacy and security problems with the chat app. As tensions[...]
There are a number of undocumented and hidden features and services in Apple iOS that can be used to bypass the backup encryption on iOS devices and remove large amounts of users’ personal data.
Despite FBI claims that CryptoLocker was neutralized in the GameOver Zeus botnet takedown, a researcher says that the ransomware is alive and evolving new variants.
OpenSSL vulnerabilities discovered in a number of Siemens industrial control systems are being exploited in the wild. The company has updates available for some, but not all, of the affected products.
There’s a new kid on the crypto ransomware block, known as Critroni, that’s been sold in underground forums for the last month or so and is now being dropped by the Angler exploit kit. The ransomware includes a number of unusual features and researchers say it’s the first crypto ransomware seen using the Tor network for command and control.
Apple quietly began encrypting virtually all of the email flowing in and out of its servers for its iCloud.com, mac.com and me.com domains, a move that throws up an important roadblock for attackers and others attempting to snoop on those transmissions.
The OpenBSD project patched a vulnerability in the LibreSSL random number generator; both sides of the issue concede the test program used to trigger the flaw was either unusual or unrealistic.
A critical vulnerability was reported in the random number generator in LibreSSL, a fork of OpenSSL. LibreSSL preview versions were released this weekend.
The new SSL Black List is a public list of certificates associated with a variety of malicious operations, including botnets, malware campaigns and banking Trojans.