Karsten Nohl has updated his BadUSB research, looking at the top eight USB controller chips and determining that about half are susceptible to being maliciously reprogrammed.
Browsing Category: Vulnerabilities
Some users who have installed the MS14-066 patch that fixes a vulnerability in the Schannel technology in Windows are having issues with the fix causing TLS negotiations to fail in some circumstances.
Apple responds to the Masque vulnerability, saying that it is unaware of any users affected by the vulnerability, which allows hackers to swap out legitimate iOS apps with malicious ones.
Mike Mimoso and Dennis Fisher talk about the Windows Schannel vulnerability and whether it’s ripe for mass exploitation, as well as the WireLurker attack and why Apple hasn’t addressed it.
Researchers successfully took down Apple and Samsung mobile phones using NFC hacks during Mobile Pwn2Own, but were not able to complete compromise Windows Phone or Nexus 5 running Android.
The critical vulnerability in the Schannel technology in Windows that Microsoft patched Tuesday is ripe for exploitation, experts say, and continues the long line of severe vulnerabilities in major SSL/TLS implementations in recent months.
Adobe pushed out security updates for Flash Player this afternoon, addressing 18 different vulnerabilities, all critical, that could allow an attacker to take control of an affected system.
Microsoft patched a zero-day vulnerability in OLE being used in targeted attacks as part of its November 2014 Patch Tuesday security bulletins, one of four critical updates released today.
Researchers at FireEye disclosed Masque, a vulnerability in iOS that enabled the WireLurker attacks. It was reported in July, but has yet to be patched by Apple.
Five vulnerabilities were patched in the most recent update to the open source Pidgin instant messaging client.