Developers at Dropbox recently fixed a remotely exploitable vulnerability in the Android SDK version of the app that enabled attackers to connect applications on some devices to a Dropbox account without the user’s consent.
Browsing Author: Chris Brook
Yahoo has fixed a handful of vulnerabilities that could have given an attacker free reign over all of its user-run eCommerce websites and caused multiple headaches for small business owners.
Anthem has refused to undergo vulnerability scans and configuration compliance tests in the aftermath of a breach that may have leaked the personal information of nearly 100,000 customers and non-customers.
Google released the latest build of its browser Tuesday, Chrome 41.0.2272.76, patching 51 different bugs and paying out over $50,000 in bounties.
A new type of POS malware, LogPOS, is using technology that evades detection by letting the malware inject code while it shuttles stolen credit card numbers to its C+C server.
Attackers behind one of the more popular exploit kits, Angler, have added a tweaked version of an exploit from last fall, a use after free vulnerability in Microsoft’s Internet Explorer browser.
In addition to roughly 80 million Anthem customers, nearly 20 million more individuals who aren’t customers of the health insurer could ultimately wind up implicated in this month’s massive data breach.
More than one million different WordPress sites may be vulnerable to a critical plugin issue that could lead to SQL injections and in turn, total site takeover.
CloudFlare has deployed a new level of encryption on its service that hardens and speeds up users’ experience, especially when accessing domains via mobile browsers.
At last week’s Security Analyst Summit Kris McConkey, part of PricewaterhouseCoopers’ UK Cyber Threat Operations team, discusses OpSec failures: How attackers are still humans and make mistakes like sometimes using personal email addresses and real names in their campaigns.