UPDATE–Oracle, never the most researcher-friendly software vendor, has taken its antagonism to another level after publishing a blog post by CSO Mary Ann Davidson that rails against reverse engineering and saying that the company has no need for researchers to look at Oracle’s code for vulnerabilities because “it’s our job to do that, we are[…]
Browsing Category: Web Security
Adobe has released a massive update for Flash, the application that has become the Internet’s problem child. The update contains patches for more than 30 vulnerabilities in Flash on Windows, OS X, and Linux. Adobe pushed out the fixes on Tuesday afternoon, the latest in a long series of fixes for Flash in the last[…]
UPDATE–The list of politicians in Washington wringing their hands over the increasing use of encryption by consumers and businesses is growing longer by the day. Sen. Elizabeth Warren added her name to that list on Monday. Warren (D-Mass.) sent a letter to Attorney General Loretta Lynch expressing concern about a new encrypted communications platform that[…]
At Black Hat, two recent Boston University computer engineering graduates revealed software and hardware hacks against the latest versions of the popular Square Reader.
The Darkhotel APT gang has extended its geographic reach to victims in a host of additional countries, and has added to its cache of zero days with its use of a HackingTeam exploit for a Flash zero-day vulnerability.
The EFF has released the 1.0 version of Privacy Badger, its browser extension that blocks the hidden trackers used on many sites to follow users around the Web.
Mozilla has released a patch for a vulnerability in Firefox that was discovered when a user found it being actively exploited in the wild.
Researchers at Black Hat found a weak spot in some WSUS configurations that could allow an attacker to compromise any server or desktop in an enterprise.
If the Wassenaar Arrangement rules proposed by the United States aren’t modified significantly before they’re implemented, dark days may lie ahead for the research community, experts say.
Dell SecureWorks researchers today at Black Hat released a new report on Emissary Panda, or TG-3390, a China-sponsored APT gang that has refined the types of data it covets.