vulnerability
JetAudio and JetVideo media player vulnerability allows arbitrary code execution
An arbitrary code execution in the JetAudio Basic (v8.1.3) and JetVideo media players for Windows allows potential attackers to craft a malicious .asf file that could …
Security flaws could allow attackers to steal over 100 different cars
Since 2012, a trio of European researchers knew that the Megamos Crypto transponder – used in a over 100 cars manufactured by Audi, Ferrari, Fiat, Cadillac, Volkswagen …
Microsoft issues emergency patch for IE flaw exploited in the wild
Microsoft has pushed out an emergency out-of-band Internet Explorer update, which fixes a critical memory corruption vulnerability (CVE-2015-2502) that is being actively …
BitTorrent clients can be made to participate in high-volume DoS attacks
A group of researchers have discovered a new type of DoS attack that can be pulled off by a single attacker exploiting weaknesses in the BitTorrent protocol family.The …
Google’s Android Stagefright patch is flawed
The security update released by Google last week does not provide a complete defense against attackers taking advantage of the recently unearthed Stagefright Android …
Researchers get $100k for detecting emerging class of C++ bugs
Facebook has awarded $100,000 to a team of researchers from Georgia Tech for their discovery of a new method for identifying “bad-casting” vulnerabilities that …
Script injection vulnerability discovered in Salesforce
Elastica discovered an injection vulnerability in Salesforce which opened the door for attackers to use a trusted Salesforce application as a platform to conduct phishing …
Researchers hack Corvette via SMS to plugged-in tracking dongle
A team of researchers from the University of California, San Diego, have managed to hack a Corvette via specially crafted SMS messages sent to a tracking dongle (i.e. a …
Attackers actively exploiting Windows bug via malicious USB devices
In this month’s Patch Tuesday, Microsoft has released 14 bulletins and patches addressing a bucketload of vulnerabilities in a number of its products, including its new …
Severe deserialization vulnerabilities found in Android and third-party Android SDKs
Closely behind the discoveries of the Stagefright flaw, the hole in Android’s mediaserver service that can put devices into a coma, and the Certifi-gate bug, comes that …
HTC phone stores fingerprints in easily accessible plaintext
Pressing a finger on your mobile phone’s fingerprint scanner has to be the easiest, most seamless way to unlock the device, and this is why more and more manufacturers …
UK job recruiters network hit by hacker, user info dumped online
TEAM (The Employment Agents Movement), the largest network of independent recruiters in the UK, has been hit by a Saudi Arabian hacker that goes by the online handle JM511.The …