A small segment of the security research community has been spending a lot of time tearing apart the innards of various vehicles and looking at ways that the computers and local networks that reside in modern cars can be hacked. There has been some remarkable success on this front, and while auto makers haven’t paid[...]
Browsing Category: Vulnerabilities
Microsoft patched a disclosure leak in Internet Explorer that revealed whether EMET or other antimalware protections were running on a compromised computer.
Researchers from the University of New Haven have taken to Youtube this week to publicize vulnerabilities in a dozen Android apps, including Instagram, Vine and OKCupid.
Adobe announced security updates and a new version of Flash Player for Windows, Mac and Linux; the company also announced it was postponing a scheduled update for Reader and Acrobat.
In the days and weeks following the public disclosure of the OpenSSL Heartbleed vulnerability in April, security researchers and others wondered aloud whether there were some organizations–perhaps the NSA–that had known about the bug for some time and had been using it for targeted attacks. A definitive answer to that question may never come, but[...]
A company in charge of manufacturing sensors used in traffic control systems has patched a series of previously disclosed bugs that could’ve opened the products up to exploits.
A new timing attack has been disclosed that could de-anonymize Google users under particular conditions. Google acknowledged the issue but said it would fix it because the risk is low.
Drive-by malware downloads have been spotted on the website of a prominent Israel think-tank, the Jerusalem Center for Public Affairs. The attacks seems to target bank credentials.
Microsoft announced four bulletins are scheduled for the September Patch Tuesday release, along with new research on public vulnerability disclosures.
Security experts are digging into point-of-sale malware, Backoff in particular, as speculation rages on about how hackers pulled off the Home Depot data breach.