web analytics

A Real-Life Look into Responsible Disclosure for Security Vulnerabilities

7th March 2017 By Marc Laliberte   A researcher gives us a glimpse into what happened when he found a problem with an IoT device.   As an information security researcher, a major part of my job is to help software and hardware manufacturers fix security issues before they’re exploited by bad guys. When white… Continue reading A Real-Life Look into Responsible Disclosure for Security Vulnerabilities

Google Patches 35 Critical Android Vulnerabilities

By Ionut Arghire on March 07, 2017   Google this week released a new set of monthly security patches for Android to address over 100 vulnerabilities in the platform, 35 of which carry a Critical severity rating.   In a newly published Security Bulletin, Google reveals that two partial security patch level strings are rolling… Continue reading Google Patches 35 Critical Android Vulnerabilities

Google leads ‘guerilla patching’ of big vulnerability in open source projects

7th March 2017  by John E Dunn   Google has revealed its emergency patching efforts to fix a widespread and “pernicious” software vulnerability that affected thousands of open source projects in 2015.   Referred to as “Mad Gadget” by Google (aka the Java “Apache Commons Collections Deserialization Vulnerability” CVE 2015-6420), the flaw was first highlighted by… Continue reading Google leads ‘guerilla patching’ of big vulnerability in open source projects

Active Defense Bill Raises Concerns Of Potential Consequences

 By Michael Mimoso    March 7, 2017                                           A discussion draft of a bill proposed on Friday by Rep. Tom Graves (R-GA) that would exclude organizations from prosecution for hacking back is already stirring up some concerns about potential unintended consequences. The Active Cyber Defense Certainty Act would exempt victims of computer crimes from prosecution… Continue reading Active Defense Bill Raises Concerns Of Potential Consequences

Google's reCAPTCHA anti-robot widget has been found to be susceptible to a robot attack

Someone found out how to defeat one of Google’s security measures by using another Google service… what?!   https://www.scmagazineuk.com/ear-ear-hacker-could-defeat-google-recaptcha-with-speech-recognition/article/642286/    In fact, you can find the proof-of-concept script on GitHub in the article.  Take a look at the best antivirus, anti-malware, anti-spy, etc. software Powered by WPeMatico

Important Linux Kernel Security Patch Released for CentOS 7, Update Now

Users are urged to update to kernel-3.10.0-514.10.2.el7                                    Mar 6, 2017 22:02 GMT  ·  By Marius Nestor   An important Linux kernel security patch has been released today, March 6, 2017, for users of the CentOS 7 operating system series, addressing a total of four vulnerabilities discovered recently.   CentOS… Continue reading Important Linux Kernel Security Patch Released for CentOS 7, Update Now

Multiple Zero-days Disclosed in Western Digital NAS Storage Devices

By Kevin Townsend on March 06, 2017   The Western Digital My Cloud range of storage devices, ranging from consumer products with up to 16TB storage (My Cloud Mirror) to business devices with up to 32TB storage (My Cloud Pro and My Cloud Expert) contain multiple firmware vulnerabilities that can be exploited remotely. Bugs reported… Continue reading Multiple Zero-days Disclosed in Western Digital NAS Storage Devices

The dangers of legacy email archives

6th March 2017 By Bill Tolson   To everyone who continues to own a legacy email archive — beware! You are sitting on a ticking time bomb.   By legacy email archives, I am referring to an email archive that was designed in the early 2000’s and is likely deployed on premises; but in some cases… Continue reading The dangers of legacy email archives

Mobile Menace Monday: Facebook Lite infected with Spy FakePlay

March 6, 2017 by Nathan Collier   A version of the popular mobile app Facebook has been found to be infected with what we detect as Android/Trojan.Spy.FakePlay. Facebook Lite is a more compact version of the popular app that uses less data and claims to work in all network conditions (i.e. where network conditions are… Continue reading Mobile Menace Monday: Facebook Lite infected with Spy FakePlay

Are Macs immune to viruses?

                                                            6 October 2016 by Mark Williams   So, are Apple devices and Macs immune to viruses? Short answer: no. Then why do so many people believe that they are? Let’s break it down.   Viruses are always written for a specific platform. A virus written for… Continue reading Are Macs immune to viruses?