Eavesdropper bug exposes millions of texts, calls

A recently discovered vulnerability affecting almost 700 iOS and Android apps has exposed millions of text messages, calls, and voice recordings, researchers at enterprise mobile threat protection firm Appthority warned Thursday.

The original article can be found here: http://www.foxnews.com/tech/2017/11/10/eavesdropper-bug-exposes-millions-texts-calls.html

Powered by WPeMatico

KRACK Wi-Fi bug: What Apple, Google, more are doing to fix it

The new vulnerability found in Wi-Fi networks may sound scary, but vendors are starting to roll out patches to address the danger.

The original article can be found here: http://www.foxnews.com/tech/2017/10/18/krack-wi-fi-bug-what-apple-google-more-are-doing-to-fix-it.html

Powered by WPeMatico

Apple unlikely to learn details of San Bernardino iPhone exploit

Article Image Apple, in an effort to protect customers against a heretofore unknown iPhone vulnerability, has sought information regarding a working encryption exploit used by the Justice Department in its investigation into the San Bernardino terror attacks. A new report, however, suggests the passcode bypass technique will likely remain secret.

The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/4eed9b51/sc/15/l/0Lappleinsider0N0Carticles0C160C0A40C140Capple0Eunlikely0Eto0Elearn0Edetails0Eof0Esan0Ebernardino0Eiphone0Eexploit/story01.htm

Powered by WPeMatico

Adobe Issues Emergency Patch to Head Off Flash Ransomware Attacks


Adobe last week issued an emergency security patch to fix a vulnerability in Flash that could leave users vulnerable to a ransomware attack. The vulnerability exists in Adobe Flash Player 21.0.0.197 and earlier versions for Windows, Macintosh, Linux and Chrome operating systems. It can cause a crash and leave the computer vulnerable to attackers, the company. It’s aware of reports that CVE 2016-1019 has been exploited on systems running Windows 10 and earlier with Flash version 20.0.0.306 and earlier, Adobe said.

The original article can be found here: http://www.ecommercetimes.com/story/83348.html?rss=1

Powered by WPeMatico

Apple blocks older Adobe Flash plug-in versions on OS X

Article Image Following the discovery — and subsequent fix — of yet another critical Adobe Flash vulnerability last week, Apple activated its Web plug-in blocking capability for OS X Safari to protect Mac users from what Adobe describes as “limited, targeted attacks.”

The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/4ad5cbc5/sc/28/l/0Lappleinsider0N0Carticles0C150C10A0C20A0Capple0Eblocks0Eolder0Eadobe0Eflash0Eplug0Ein0Eversions0Eon0Eos0Ex/story01.htm

Powered by WPeMatico

Adobe identifies major Flash Player vulnerability, says exploit being used in real-world attacks

Article Image Adobe has discovered a “critical” vulnerability affecting many recent versions of Flash Player, according to a new security bulletin, which warns that the exploit is already in use by hackers.

The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/4ab43f57/sc/28/l/0Lappleinsider0N0Carticles0C150C10A0C150Cadobe0Eidentifies0Emajor0Eflash0Eplayer0Evulnerability0Esays0Eexploit0Ebeing0Eused0Ein0Ereal0Eworld0Eattacks/story01.htm

Powered by WPeMatico

New privilege escalation exploit discovered in OS X Yosemite, also affects just-released 10.10.5

Just days after patching the DYLD_PRINT_TO_FILE vulnerability with a new OS X point release, Apple’s desktop operating system has been hit with yet another zero-day exploit that would allow an attacker to gain root access without using a password.

The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/4905c529/sc/28/l/0Lappleinsider0N0Carticles0C150C0A80C160Cnew0Eprivilege0Eescalation0Eexploit0Ediscovered0Ein0Eos0Ex0Eyosemite0Ealso0Eaffects0Ejust0Ereleased0E10A10A5/story01.htm

Powered by WPeMatico

Google's initial Android Stagefright patch inadequate, forced to issue second fix

The first software patch designed to mitigate the high-profile Stagefright vulnerability in Google’s Android mobile operating system was insufficient, one security researcher discovered, leading to the issuance of yet another update.

The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/48fcc79f/sc/15/l/0Lappleinsider0N0Carticles0C150C0A80C140Cgoogles0Einitial0Eandroid0Estagefright0Epatch0Einadequate0Eforced0Eto0Eissue0Esecond0Efix/story01.htm

Powered by WPeMatico

Active OS X 10.10 zero-day exploit installs malware without need for system passwords

A week after researchers discovered a new privilege escalation zero-day vulnerability in Apple’s latest version of OS X 10.10.4, an exploit has appeared allowing nefarious hackers to install adware and malware onto a target Mac without requiring system passwords.

The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/48ae275a/sc/28/l/0Lappleinsider0N0Carticles0C150C0A80C0A30Cactive0Eos0Ex0E10A10A0Ezero0Eday0Eexploit0Einstalls0Emalware0Ewithout0Eneed0Efor0Esystem0Epasswords/story01.htm

Powered by WPeMatico

Samsung’s security failures leave 600 million Android users vulnerable to simple keyboard hack

Samsung Galaxy S6
A critical new vulnerability has been discovered on Samsung Galaxy S5 and S6 devices, but the state of the Android ecosystem means there’s nothing end-users can do about it (except avoid unsecured WiFi, anyway).

The original article can be found here: http://www.extremetech.com/extreme/208529-samsungs-security-failures-leave-600-million-android-users-vulnerable-to-simple-keyboard-hack

Powered by WPeMatico

Some 1,500 iOS apps exposed to serious HTTPS vulnerability, analytics firm says

Approximately 1,500 iOS apps are exposed to a vulnerability that could let a hacker bypass HTTPS security and steal passwords and other sensitive data, according to research released on Monday.



The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/4598dc3b/sc/28/l/0Lappleinsider0N0Carticles0C150C0A40C210Csome0E150A0A0Eios0Eapps0Eexposed0Eto0Eserious0Ehttps0Evulnerability0Eanalytics0Efirm0Esays/story01.htm

Powered by WPeMatico

Update your Mac: Apple fixes major flaw in OS X Yosemite, but won't patch Lion, Mountain Lion or Mavericks

A serious vulnerability present in every iteration of Apple’s desktop operating system since OS X 10.7 –?one which allows any user process to gain root privileges –?was disclosed to the public on Thursday following the release of OS X 10.10.3, which addresses the issue, and users are urged to update as older OS X versions will remain susceptible to attack.



The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/45422162/sc/28/l/0Lappleinsider0N0Carticles0C150C0A40C0A90Cupdate0Eyour0Emac0Eapple0Efixes0Emajor0Eflaw0Ein0Eos0Ex0Eyosemite0Ebut0Ewont0Epatch0Elion0Emountain0Elion0Eor0Emavericks/story01.htm

Powered by WPeMatico

Power grid’s failing infrastructure at risk of cyberattack

Tuesday’s power failure in Washington has once again raised questions about the vulnerability of America’s electric power grid.

The original article can be found here: http://www.foxnews.com/tech/2015/04/08/power-grids-failing-infrastructure-at-risk-of-cyberattack/

Powered by WPeMatico

Mozilla disables new Firefox features to address critical security flaw

Firefox-Crash
Mozilla has updated Firefox to patch a critical vulnerability, but was forced to disable one of the browser’s new security-enhancing features as a result.

The original article can be found here: http://www.extremetech.com/computing/202809-mozilla-disables-new-firefox-features-to-address-critical-security-flaw

Powered by WPeMatico

Hundreds of iOS apps vulnerable to HTTPS-based FREAK attack

A report on Tuesday points out that a recent SSL/TSL vulnerability dubbed “FREAK” is not restricted to Web browsers and can affect mobile apps, leaving hundreds of iOS apps open to potential man-in-the-middle attacks.



The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/448135b9/sc/5/l/0Lappleinsider0N0Carticles0C150C0A30C170Chundreds0Eof0Eios0Eapps0Evulnerable0Eto0Ehttps0Ebased0Efreak0Eattack/story01.htm

Powered by WPeMatico

OS X 10.10.2 will fix years-old Thunderbolt hardware vulnerability

A Mac hardware vulnerability that has yet to be exploited on a wide scale will reportedly be fixed with Apple’s forthcoming OS X 10.10.2 update for Yosemite, preventing any future attacks.



The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/42b944db/sc/5/l/0Lappleinsider0N0Carticles0C150C0A10C260Cos0Ex0E10A10A20Ewill0Efix0Eyears0Eold0Ethunderbolt0Ehardware0Evulnerability/story01.htm

Powered by WPeMatico

Flash flaw could allow attackers to steal browser data on Macs, Adobe issues fix

A well-known vulnerability in Adobe’s Flash player that could allow malicious users to steal browser data — including cookies — on Macs, PCs, and Linux machines has been exploited for the first time, prompting Adobe to issue a patch and urge users to upgrade their system as soon as possible.



The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/3c533b4a/sc/4/l/0Lappleinsider0N0Carticles0C140C0A70C0A90Cflash0Eflaw0Ecould0Eallow0Eattackers0Eto0Esteal0Ebrowser0Edata0Eon0Emacs0Eadobe0Eissues0Efix/story01.htm

Powered by WPeMatico

Data Fortress 101: Is it possible to make a computer that’s totally invulnerable to the NSA?

Computers and cool futuristic binary stuff
Given everything we’ve learned about software vulnerability, NSA cyber-attacks, and widespread online crime, is it even possible to achieve total, complete security?

The original article can be found here: http://www.extremetech.com/computing/183346-data-fortress-101-is-it-possible-to-make-a-computer-thats-totally-invulnerable-to-the-nsa

Powered by WPeMatico