Siemens has patched a web vulnerability in its SIMATIC PLC family of products that could have led unsuspecting users to malicious sites
Dennis Fisher and Mike Mimoso talk about all of the zero days that were dropped this week on Adobe and Apple, the Oracle backdoor drama and the upcoming Kaspersky Security Analyst Summit in Cancun. Then, Dennis calls Brian Donohue to talk about the wonders of the Blackhat movie and Brian’s dog makes a special appearance, too!
Several new versions of PHP have been released, fixing a number of security vulnerabilities and other bugs in the popular scripting language. PHP 5.6.5 is the newest version of the language, and it has patches for a handful of vulnerabilities, including a use-after-free flaw that could lead to remote code execution in some cases. “Sapi/cgi/cgi_main.c in[…]
UPDATE: Thousands of U.S. gas stations contain internet-connected fuel gauges that don’t require passwords and could be remotely shut down by hackers.
Three unpatched Apple OS X vulnerabilities were disclosed by Google’s Project Zero research team. Project Zero discloses if a bug is not patched within 90 days of reporting it to the affected vendor.
Microsoft confirmed this week that despite 2000 Mojang user credentials leaking online, the gaming firm has not been hacked.
Google released version 40 of the Chrome browser, patching 62 vulnerabilities, including close to two-dozen critical memory corruption flaws.
Researchers at Kaspersky Lab today released a detailed analysis of two modules belonging to the Regin malware platform, one for lateral movement, the other a backdoor.
UPDATE–Adobe has released an emergency update for Flash to address a zero-day vulnerability that is being actively exploited. The company also is looking into reports of exploits for a separate Flash bug not fixed in the new release, which is being used in attacks by the Angler exploit kit. The vulnerability that Adobe patched Thursday is[…]
Mozilla announced the availability of a meta referrer header in Firefox 36 beta. The meta referrer provides users with policy options limiting the personal data sent in web requests.