Facebook doubles the payout of its Internet Defense Prize with a $100,000 award to a team of Georgia Tech researchers for a new class of browser-based memory-corruption vulnerabilities and a corresponding detection technique.
Browsing Category: Web Security
Researchers have identified a handful of vulnerabilities present in three different plugins used by the content management system WordPress.
Cisco is warning enterprise customers about a spike in attacks in which hackers use valid credentials on IOS devices to log in as administrators and then upload malicious ROMMON images to take control of the devices. The ROM Monitor is the program that initializes the hardware and software on IOS devices, and an attacker who[…]
With Tuesday’s release of Firefox 40, Mozilla has begun the process of requiring all add-ons for the browser to be signed. The company announced the forthcoming change in February, and Firefox 40 is the first version to warn users about unsigned add-ons. The goal for the change in policy is to protect users from malicious extensions[…]
The number of information requests Twitter is receiving from the United States government is increasing steadily, having risen roughly 50 percent in the first six months of this year compared to the last six months of 2014. In its latest transparency report, Twitter said that it received 2,436 information requests from the U.S. government from[…]
Microsoft released a security bulletin for its new Edge browser, patching four critical vulnerabilities.
UPDATE–Oracle, never the most researcher-friendly software vendor, has taken its antagonism to another level after publishing a blog post by CSO Mary Ann Davidson that rails against reverse engineering and saying that the company has no need for researchers to look at Oracle’s code for vulnerabilities because “it’s our job to do that, we are[…]
Adobe has released a massive update for Flash, the application that has become the Internet’s problem child. The update contains patches for more than 30 vulnerabilities in Flash on Windows, OS X, and Linux. Adobe pushed out the fixes on Tuesday afternoon, the latest in a long series of fixes for Flash in the last[…]
UPDATE–The list of politicians in Washington wringing their hands over the increasing use of encryption by consumers and businesses is growing longer by the day. Sen. Elizabeth Warren added her name to that list on Monday. Warren (D-Mass.) sent a letter to Attorney General Loretta Lynch expressing concern about a new encrypted communications platform that[…]
At Black Hat, two recent Boston University computer engineering graduates revealed software and hardware hacks against the latest versions of the popular Square Reader.