Developers at Node.js over the weekend released a critical update to the runtime environment that addresses a bug that could be used to cause denial of service attacks.
Thirteen cryptography leaders and pioneers published a paper warning of the economic and social pitfalls associated with the government’s desire for “exceptional access” to cryptographic keys.
More than 36 hours after the huge cache of data from Hacking Team’s corporate network was dumped online, researchers are continuing to find surprising bits and pieces in the documents. Among them is evidence that the company had an enterprise developer certificate from Apple, allowing it to develop internal apps, but could not get its[…]
Google has pulled a malicious click fraud app from Google Play that spoofs the popular BatteryBot Pro app.
Grant Wilcox, an ethical hacking degree candidate at the University of Northumbria in the U.K., said the Wassenaar Arrangement rules were one reason he decided not to publish exploits he developed for his dissertation.
Ad fraud malware is one of the more profitable specialties in the cybercrime world, and the attackers who use it often have to adapt their tactics in order to keep the money rolling in. One of the tactics that they have adopted in recent months is that of updating the version of Flash that’s installed on an infected machine.
Core Security disclosed information on command-injection vulnerabilities found in a number of AirLive IP-enabled cameras after repeated attempts to disclose to the manufacturer were ignored.
Attackers have compromised the network of Italian intrusion software vendor Hacking Team and released a large cache of the company’s private documents, including customer invoices that show sales to oppressive governments.
Harvard University warned students of a data breach that may have exposed school network and email logins.
Dennis Fisher and Mike Mimoso discuss the OS X and iOS patches, the potential for the new cyber UL project run by Mudge, and the lawsuit against OPM after its data breach.