security update
iOS 8 fixes bucketload of severe security bugs
Apple has released the latest version of its mobile OS on Wednesday, and in it has fixed over 50 vulnerabilities, many of which are very serious: Two vulnerabilities allowed a …
Blackphone security issues and vulnerabilities unveiled
Blackphone, the carrier- and vendor-independent smartphone that was created with the goal of placing privacy and control directly in the hands of its users, is not without its …
New Firefox offers MITM protection via public key pinning
Mozilla has released the latest version of Firefox (v32) for Windows, Mac, Linux, and Android, and the new browser sports some notable security improvements. For one, the new …
Patching: The least understood line of defense
When it comes to security, only a total dope doesn’t understand firewalls, anti-virus and at least the basics of passwords. But how many end users, indeed how many IT …
New Chrome fixes 50 security issues, bug hunter gets $30k
Having implemented 50 security fixes, the Google Chrome team has pushed out a new stable version of the popular browser. The company hasn’t shared many bug details since …
Apple patches Safari arbitrary code execution vulnerabilities
Apple released new versions of their Safari browser – 6.1.6 and 7.0.6 – in which they fixed multiple memory corruption problems in Webkit. Out of the seven …
Google starts warning users about deceptive downloads
Google has announced a welcome change to its Safe Browsing service: starting next week, Google Chrome will also warn users about attempts to make them download software that …
Microsoft fixes 37 vulnerabilities
Microsoft clearly wants everyone to shake off the dog days of summer and pay attention to patching. This month’s advance notice contains nine advisories spanning a range …
Serious flaws in cell phone carrier control software found
At the Black Hat conference this week, two Accuvant researchers have disclosed serious security flaws in the carrier control software used in over 2 billion cellular devices …
Critical bug in WordPress plugin allows site hijacking
A popular WordPress plugin that allows site owners to easily customize the contact form has a critical vulnerability that can be exploited to download and remotely modify the …
Symantec issues update fixing Endpoint Protection zero-day
Symantec has issued updates for its Endpoint Protection solution that fix the zero-day escalation of privilege vulnerability recently discovered by Offensive Security …
I2P patched against de-anonymizing 0-day, Tails integration still to follow
Developers of the I2P anonymous networking tool have released a new version (0.9.14) of the tool that fixes XSS and remote execution vulnerabilities reported by Exodus …