software
Google also abused its Apple developer certificate to collect iOS user data
It turns out that Google, like Facebook, abused its Apple Enterprise Developer Certificate to distribute a data collection app to iOS users, in direct contravention of …
Mozilla releases anti tracking policy, enhances tracking protection in Firefox 65
Mozilla has released Firefox 65, which includes enhanced, configurable protection against online tracking. The organization has also published an official anti tracking policy …
Researcher warns of privilege escalation flaw in Check Point ZoneAlarm
Illumant researcher Chris Anastasio has discovered a serious vulnerability in Check Point’s security software. It affects ZoneAlarm Free Firewall and ZoneAlarm Free Antivirus …
Most popular home routers lack basic software security features
It’s no secret that too many Internet of Things devices lack adequate security. But is it too much to expect that out home routers – the devices that …
Post-exploitation scanning tool scavenges for useful information
Philip Pieterse, Principal Consultant for Trustwave’s SpiderLabs, has demonstrated at Black Hat Arsenal Europe 2018 a new tool for penetration testers called Scavenger. …
Vulnerability discovered in safety controller configuration software
Gjoko Krstic, an Applied Risk researcher, has discovered a vulnerability in Pilz PNOZmulti Configurator software that allows a local attacker to read sensitive data in …
Product showcase: Cynet 360 Security Platform
Resource-constrained companies that want to protect their internal environments from cyberattack face an impossible challenge: they need to spend a lot of money to buy …
For recent big data software vulnerabilities, botnets and coin mining are just the beginning
The phrase “with great power comes great responsibility” was excellent advice when Ben Parker said it to his nephew Peter, aka Spiderman. It is even more …
Review: Specops Password Policy
All who work in the information security industry agree that passwords are one of the worst security nightmares of the modern information security age. Having weak passwords …
VirtualBox Guest-to-Host escape 0day and exploit released online
Independent vulnerability researcher Sergey Zelenyuk has made public a zero-day vulnerability he discovered in VirtualBox, the popular open source virtualization software …
High risk vulnerability discovered in Sauter CASE Suite building automation software
Applied Risk researcher, Gjoko Krstic, has identified a security vulnerability in the Sauter CASE Suite, a software package used to handle building automation projects with …
New techniques expose your browsing history to attackers
Security researchers at UC San Diego and Stanford have discovered four new ways to expose Internet users’ browsing histories. These techniques could be used by hackers …
Featured news
Resources
Don't miss
- Identifying high-risk APIs across thousands of code repositories
- Want fewer security fires to fight? Start with threat modeling
- Build a mobile hacking rig with a Pixel and Kali NetHunter
- Infostealer crackdown: Operation Secure takes down 20,000 malicious IPs and domains
- Connectwise is rotating code signing certificates. What happened?