Apple has released new versions of iOS and OS X, both of which include a significant number of security patches, several for bugs that can lead to remote code execution and other serious issues. Version 8.4 of iOS contains fixes for more than 30 security vulnerabilities, including bugs in the iOS kernel, WebKit, and CoreText.[…]
An advisory from Akamai warns of a recent reflection style DDoS attack in which the deprecated RIPv1 routing protocol was leveraged against targets.
Pinterest recently fixed an issue in the API of its web app that could have allowed remote attackers to compromise emails and carry out session hijacking and phishing attacks.
Researchers identified a cross-site scripting vulnerability in a page on the LifeLock website that could allow an attacker to create an authentic-looking login page for the service and harvest usernames and passwords from customers. LifeLock patched the vulnerability quickly after researchers Blake Welsh and Eric Taylor from Cinder Cyber Research reported it. Welsh said via[…]
Researchers at Cisco Talos released details on a use-after-free vulnerability in Apple QuickTime that could lead to remote code execution.