Apple pushed out iOS 9 Wednesday, addressing a cornucopia of vulnerabilities, including bugs that could lead to arbitrary code execution, credential leakage, interface spoofing, among other issues.
Bugzilla users should upgrade to current versions after a privilege escalation vulnerability was reported and patched.
Ryan Naraine hijacks the podcast to talk with Dennis Fisher about the origins of Threatpost, his time as a security reporter, the changes in the industry, and what’s next on the horizon.
Ransomware has emerged as major threat to consumers and businesses in recent years, and law enforcement agencies and security researchers have taken note. Authorities last year disrupted the Cryptolocker ransomware operation and now Dutch police have arrested two young men they believe are involved in the CoinVault ransomware. The arrests came Monday in the Netherlands[…]
Schneider Electric has published new firmware for its StruxureWare Building Expert building automation system that patches a remotely exploitable vulnerability.
Google recently patched a lockscreen bypass in its Android-based Nexus phones that was discovered and reported by the University of Texas Information Security Office.
A day after researchers detailed a technique that attackers are using to upload malicious firmware images to Cisco routers, academic researchers say they have scanned the entire IPv4 address space and discovered a total of 79 likely compromised routers. The researchers at the University of Michigan used their Zmap tool, which can scan the Internet in about[…]
There is a major vulnerability in a library in iOS that allows an attacker to overwrite arbitrary files on a target device and, when used in conjunction with other techniques, install a signed app that the device will trust without prompting the user with a warning dialog. The vulnerability lies in a library in both[…]
Let’s Encrypt hit a major milestone today when its first free and automated cert went live.