software
Instapaper for Android vulnerable to man-in-the-middle attacks
Bitdefender researchers have discovered that Android app Instapaper is vulnerable to man-in-the-middle attacks that could expose users’ signup/login credentials when logging …
US, UK spies reverse-engineered security software in search for flaws
The UK GCHQ has been actively trying to reverse-engineer popular security software in order find vulnerabilities that can be used to neutralize the protection the software …
Risks from fraudulent mobile apps and unauthorized app stores
Companies spanning retailers, travel companies, media & entertainment, gambling firms and banks have far more mobile apps owned by them or referencing their brand than …
New OpenSSL versions squash LogJam bug
The OpenSSL Project has pushed another update for the eponymous open-source cryptographic library. This one plugs several moderate bugs, one low one, and LogJam …
Serious MitM flaw plugged in latest watchOS version
If you’ve recently bought an Apple Watch, or if you have had one for a while now, but you haven’t updated to the latest watchOS version, now is the time to do it …
Microsoft releases critical patches, improves IE security
This June Patch Tuesday we have a slightly smaller patch load from Microsoft, taking us back to more historic average releases of eight bulletins. We have just two critical …
Released: New version of REMnux Linux distro for malware analysis
REMnux is a free Linux toolkit for assisting malware analysts with reverse-engineering malicious software. It strives to make it easier for forensic investigators and incident …
Scany: Network scanner for iOS
Over the past five years I tested quite a few iOS applications that could be used for providing quick snaps of the local network. Most of them were free applications and very …
South Korean minors to be monitored via smartphone spying apps
The Korea Communications Commission, South Korea’s media regulation agency modeled after US’ FCC, has made it mandatory for telecoms and parents to install a …
Trojanized, info-stealing PuTTY version lurking online
“A malicious version of the popular open source Secure Shell (SSH) client PuTTY has been spotted and analyzed by Symantec researchers, and found to have …
Google completes ban of extensions not in the Chrome Web Store
Google is slowly but surely working on preventing developers of malicious Chrome extensions from delivering their wares to users.First, in May 2014, they made it so that …
Product spotlight: Qualys Continuous Monitoring
Today’s cyber attacks are often a result of cyber criminals scanning and attacking networks on a continuous basis, coupled with an event-driven approach to monitoring an …