vulnerability
Android bug allows app code change without breaking signatures
Researchers from Bluebox Security have discovered a critical Android flaw that allows attackers to modify the code of any app without breaking its cryptographic signature, and …
Darkleech Apache module injection campaign delivers malware
One of the most successful malware infection campaigns ever is still going strong, and researchers have not come closer to discovering how the attackers are compromising web …
Serious vulnerabilities in OpenX ad platform expose millions to risk
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in OpenX, which can be exploited to execute arbitrary PHP code, perform Cross-Site Scripting (XSS) …
Facebook squashes critical account hijacking bug
A U.K.-based security researcher has shared details of a recently patched Facebook vulnerability that he discovered and for which he received $20,000 via the the social …
Data-slurping Facebook Graph Search flaw revealed
A mobile developer has discovered what he claims is a security vulnerability in the Facebook Graph Search that allowed him to automate the compilation of a list of some 2.5 …
Car hack attack a possible theory behind journalist’s death
The upcoming DEFCON hacking conference will have many presenters touching on a great number of subjects, including that of car hacking. Security researcher Charlie Miller, …
Microsoft to pay up to 150k for vulnerabilities
After years of saying that bug bounties are not the best way to go about getting crucial product vulnerability information in the long run, Microsoft has done an about-face …
U.S. tech companies sharing bug info with U.S. govt before releasing fixes
A recent report by Bloomberg’s Michael Riley has revealed that a great many U.S.-based companies are voluntarily sharing sensitive information with the U.S. national …
ISC-CERT warns about medical devices with hard-coded passwords
Approximately 300 different surgical and anesthesia devices, ventilators, drug infusion pumps, external defibrillators, patient monitors, and laboratory and analysis equipment …
Google ups (some) bug bounties
Google has once again decided to raise the sums that researchers can earn by offering information about bugs in the company’s web services and properties (YouTube, …
Smart TVs vulnerable to a host of attacks
Smart (connected) TVs are becoming a common fixture in Western world homes, and most users consider it a handy tool and an improvement over the basic television sets of …
Featured news
Sponsored
Don't miss
- Most people still rely on memory or pen and paper for password management
- What AI can tell organizations about their M&A risk
- Breaking down the numbers: Cybersecurity funding activity recap
- Applying DevSecOps principles to machine learning workloads
- Overcoming GenAI challenges in healthcare cybersecurity