Apple has released iOS 8.3, a major security upgrade for iPhone and iPad users that includes patches for more than three dozen vulnerabilities. The new version of iOS has security fixes for several vulnerabilities in the mobile operating system’s kernel, a handful of code-execution bugs and a long list of WebKit vulnerabilities. Apple also patched[…]
Browsing Category: Vulnerabilities
DHS warns of two symmetric key authentication vulnerabilities in the NTP protocol that were patched this week.
Less than a week after introducing the new opportunistic encryption feature in Firefox, Mozilla has had to disable it because of a security vulnerability in the browser’s implementation of the HTTP Alternative Services specification. The bug puts a kink in the new feature, which was designed to allow clients to connect securely to a server[…]
Researchers have seen an uptick in Adobe Flash .SWF files being used to trigger malicious iFrames across websites.
VMware has issued an update to a number of its products fixing an information disclosure bug in Oracle’s Java runtime environment.
Auditors performing a cryptanalysis of TrueCrypt found four vulnerabilities, but zero backdoors in the popular open source encryption software.
Google’s first Android Security Report puts some hard data behind the effectiveness of the security enhancements it has put into the OS.
A Russian security researcher discovered that he could delete any video on YouTube by sending a simple POST request in YouTube’s Creator Studio.
Students at St. Mary’s University in Canada released to open source a web-based threat modeling tool called Seasponge that they hope will provide an alternative to Microsoft’s free tool.