IOActive researchers disclosed details on three patched vulnerabilities in Lenovo’s System Update mechanism.
As the expiration date for the controversial Section 215 of the Patriot Act draws near, the voices opposing a renewal of the surveillance powers the measure grants the NSA are growing louder. The latest entry is a letter sent to members of Congress by a long list of privacy, civil liberties, and human rights organizations[…]
Microsoft’s introduction of Windows Update for Business puts an end to Patch Tuesday security updates as we know them.
More than five percent of all unique IP addresses accessing Google sites included some kind of ad injector software, and there are more than 50,000 of those injector browser extensions in use today, according to new research from Google. The company conducted the research over the course of several months last year as a way[…]
Hospira’s Lifecare PCA3 Drug Infusion pumps are susceptible to multiple remotely exploitable vulnerabilities that could not only brick the device but allow an attacker to run commands and put lives in jeopardy.
Experts are concerned that Microsoft’s new Local Administrator Password Solution only partially addresses the problem of identical passwords on computers in a domain.
Buffer and integer overflow vulnerabilities have been patched in the ICU Project ICU4C library, used in hundreds of open source and enterprise software packages.
The idea of needing to disable a computer quickly as the police–or another potential adversary–comes through the door typically has been the concern of criminals. But in today’s climate activists, journalists, and others may find themselves wanting to make their laptops unusable in short order, and that’s where usbkill comes in. The new tool is a[…]
Cybercriminals are using the Angler exploit kit to infect users with the Bedep Trojan, which then uses their computer resources to perform click-fraud and artificially inflate video views.
Engineers at Netflix have released another one of the company’s bespoke security tools as an open-source application, this time an incident-response system known as FIDO. The tool is designed to help automate the process of incident response, and specifically it acts as a new layer that helps tie together existing applications by evaluating and assessing[…]