software
School monitoring software’s hard-coded encryption key exposed
Impero Software is the creator and seller of “Impero Education Pro”, a piece of software that’s used in many UK schools to monitor school computers for …
Adobe patches Hacking Team Flash zero-days, update immediately!
Adobe has released new versions of Flash Player, Shockwave Player and Acrobat and Reader, all of which fix critical vulnerabilities that could potentially allow an attacker to …
VMware fixes host privilege escalation bug in Workstation, Player, Horizon View
VMware has issued software updates for VMware Workstation, Player, and Horizon View Client for Windows, which fix relatively serious a host privilege escalation vulnerability …
IIS 6.0 users are heading towards new security dangers
RiskIQ has discovered that 24 of the top 30 FTSE-listed companies in the UK are running web servers that will be out of support in less than a week, posing a potential …
Fake Android battery monitor app thoroughly compromises users’ devices
“Downloading apps from Google Play is a safer proposition than doing it from third party markets, but despite Google using an automated app scanning service …
Data-centric security with RightsWATCH
The fact that sensitive data seems to increasingly follow a pattern of being leaked, lost or stolen, has forced security professionals to rethink how their organizations can …
Major Xen update fixes over 20 vulns, including guest/host escape flaw
The newest version (v4.5.1) of popular hypervisor Xen has been released last week, and includes a bucketload of improvements and bug-fixes, including nearly 20 security …
Vegan and BeEF clash shows how cyber arms race never stops
Cyber attackers and defenders are caught in a permanent to-and-fro dance, coming up with new solutions that break the last one created by their adversaries. An example of this …
Instapaper for Android vulnerable to man-in-the-middle attacks
Bitdefender researchers have discovered that Android app Instapaper is vulnerable to man-in-the-middle attacks that could expose users’ signup/login credentials when logging …
US, UK spies reverse-engineered security software in search for flaws
The UK GCHQ has been actively trying to reverse-engineer popular security software in order find vulnerabilities that can be used to neutralize the protection the software …
Risks from fraudulent mobile apps and unauthorized app stores
Companies spanning retailers, travel companies, media & entertainment, gambling firms and banks have far more mobile apps owned by them or referencing their brand than …
New OpenSSL versions squash LogJam bug
The OpenSSL Project has pushed another update for the eponymous open-source cryptographic library. This one plugs several moderate bugs, one low one, and LogJam …
Featured news
Resources
Don't miss
- NTLM relay attacks are back from the dead
- Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)