Researchers at Boston University have published new attacks against the Network Time Protocol (NTP) that jeopardize the security of numerous online activities.
Researchers at Security Explorations say a change implemented by Google to the Java security model as its implemented in the Google App Engine leads to sandbox escapes.
Apple on Thursday fixed scores of vulnerabilities in OS X, iOS, Safari, iTunes, and even the company’s smart watch operating system, watchOS. Chief among the fixes was a patch for two issues the Pangu Team was using to jailbreak iOS devices.
Google said it will move gmail.com to a policy of rejecting any messages that don’t pass the authentication checks spelled out in the DMARC specification.
Oracle patched 154 vulnerabilities in 54 different products as part of its regularly scheduled Critical Patch Update Tuesday.
Microsoft opened a bounty for the .NET Core and ASP.NET Beta, paying out up to $15,000 for eligible vulnerabilities.
Let’s Encrypt hit a milestone last night when it received the cross-signatures necessary to render its beta-and free-certificates trusted by all browsers.
Juan Andres Guerrero-Saade from Kaspersky Lab’s Global Research & Analysis Team (GReAT) joins Ryan Naraine on the podcast to discuss the “identity crisis” in the anti-malware industry and the ethics and perils of investigating state-sponsored or geopolitically significant threats.
Some consumer-grade, self-encrypting external hard drives from Western Digital are littered with security vulnerabilities that render their encryption an afterthought.
Apple said it will remove 256 misbehaving apps from its App Store that were using private APIs to pull personal and device information.