There is a vulnerability in some versions of Synology’s Cloud Station client for OS X that can enable any user to take over system files and gain complete control of the machine. Cloud Station is a system that allows users to sync files across a number of devices. The system saves changes to files on[…]
Browsing Category: Web Security
Email security vendor Sendio has patched a pair of remotely exploitable security bypass vulnerabilities in its Sendio ESP, or Email Security Platform, product.
For many years, eBay has been one of the bigger targets for phishers and many other kinds of attackers and they have been honing their tactics and improving them along the way. Much of their effectiveness depends on convincing users that they’re on the real eBay site and the site recently fixed a vulnerability that[…]
Researchers at Purdue University have developed a scheme that protects stolen passwords from offline cracking.
The internet-cable-television provider Charter Communications recently fixed an issue with its website that was inadvertently leaking the information of tens of thousands of its customers.
Experts point out that the proposed Wassenaar rules in the U.S. leave unanswered questions regarding exploit development and the use of commercial penetration testing tools.
The Internet knows a lot about you, including your mother’s maiden name, your favorite food, and what street your first pet grew up on. And, according to some new research from Google, attackers have a good chance of figuring those things out pretty easily, too. The security questions that Google and other companies ask users as[…]
The Commerce Department’s Bureau of Industry and Security today made public its proposal to implement the controversial Wassenaar Arrangement.
Dennis Fisher talks with security pioneer Marcus Ranum about writing an early Internet firewall at DEC, the security gold-rush era of the 1990s and early 2000s, why he never patented most of the ideas he has come up with and how he found peace of mind.
Researchers have uncovered a flaw in the way that some servers handle the Diffie-Hellman key exchange, a bug that’s somewhat similar to the FREAK attack and threatens the security of many Web and mail servers. The bug affects all of the major browsers and any server that supports export-grade 512-bit Diffie-Hellman cryptography. The most serious[…]