Fifteen zero day vulnerabilities were exploited during the SOHOpelessly Broken router hacking contest at DEF CON.
Browsing Category: Vulnerabilities
The Google Safe Browsing service has become an integral part of most of the major browsers, integrating malware alerts, warnings about malicious Web sites and suspicious content. The company has been expanding the capabilities of the service steadily over the last few years, and now Google is adding warnings about deceptive software to the service.[...]
Apple has released a new version of Safari that fixes seven security vulnerabilities, all of which are related to the WebKit framework in the browser. The advisory from Apple is typically bare-bones, with almost no information about the vulnerabilities fixed in Safari 6.1.6 and 7.0.6. Apple said that all of the vulnerabilities in WebKit are[...]
Disqus, the maker of the popular community commenting plugin, has patched a handful of security flaws, including a CSRF bug.
Dennis Fisher and Mike Mimoso look back on the news from the last week in Las Vegas at Black Hat and DEF CON, including the Blackphone rooting, the Computrace research and the more upbeat mood at the conferences this year.
Adobe released security updates for Reader, Acrobat and Flash Player. The Reader and Acrobat patches address a zero-day vulnerability being exploited in limited targeted attacks.
There’s a remotely exploitable authentication bypass vulnerability in the BlackBerry Z10 phone that affects the service that lets users share files with machines on a wireless network. The bug could allow an attacker to steal users’ personal data or hit them with targeted malware.
Vulnerabilities in the secure Blackphone reported during DEF CON require unusual circumstances to exploit.
Absolute Software’s anti-theft Computrace software is mysteriously installed on brand new machines, nearly impossible to remove, and exploitable.
Embedded device security emerged as front page news during the recently wrapped up Black Hat and DEF CON events.