The Xen Project has patched a serious vulnerability that could allow an attacker in a guest virtual machine to escape and gain the ability to run arbitrary code on the host machine. The vulnerability is in the QEMU open source machine emulator that ships as part of the Xen hypervisor. The problem is related to the[…]
Browsing Category: Uncategorized
Facebook today released Security Checkup, an online tool that alerts users when unfamiliar devices try to access an account.
The maintainers of BIND have patched a critical remotely exploitable vulnerability in the DNS software that can be used in a denial-of-service attack. The vulnerability affects all versions of BIND from 9.1.0 through 9.9.7. The vulnerability is in the way that BIND handles certain queries related to transaction key records. The bug is fixed in[…]
Researchers have found a new phishing campaign leveraging Google Drive in order to steal credentials.
The accumulation of automation and Internet-connected devices in many homes these days has led observers to coin the term smart homes. But as researchers take a closer look at the security of these devices, they’re finding that what these homes really are is naive. The latest batch vulnerabilities to hit home automation equipment are in the Tuxedo Touch[…]
The latest car hacking research from Charlie Miller and Chris Valasek has elicited a broad spectrum of reactions: admiration for the skill; outrage at the danger the demo may have put drivers; and even a patch from an automaker. And the EFF is hoping it might also help produce a new exemption to the Digital Millennium[…]
It turns out that Neiman Marcus, one of many retailers that announced it suffered a data breach last year, will indeed face a class action lawsuit which claims the upscale department store failed to protect its system from hackers.
Google is helping to lead a new effort to reduce the amount of fraudulent traffic that emanates from data centers and produces artificial clicks on ads. The collaborative initiative will rely on blacklists of known-bad IP addresses that Google and others maintain to help identify bots that are used in click fraud campaigns and other[…]
A group of lawmakers are proposing that victims of last month’s expansive Office of Personnel Management hack receive lifetime fraud protection and credit monitoring.
A third party operator of concessions and retail services at zoos from Hawaii to Florida acknowledged this week that it was hit by a data breach earlier this year.