vulnerability
Compromising Google Accounts and enterprises via flaw in Android SSO
When it comes to Android, Google has traded security for convenience, says Tripwire security researcher Craig Young. During his recent presentation at Def Con in Las Vegas, he …
Advice on Tor use in wake of Freedom Hosting compromise
In the wake of the discovery that someone has compromised Tor hidden services hosted by Freedom Hosting and injected malicious JavaScript aimed at de-anonymizing specific …
Tor users targeted with spyware following anonymous Web-host shutdown
The news that the alleged owner of Freedom Hosting, the internet host for a great number of Tor hidden services, has been arrested and is accused of distributing and promoting …
Free tool identifies risks in secure shell environments
SSH Communications Security, known the world over as the inventor of the ubiquitous Secure Shell and SFTP protocols, today announced the general availability of SSH Risk …
Microsoft announces MAPP overhaul
Introduced in 2008, the Microsoft Active Protections Program (MAPP) was created to give antivirus vendors a head start against malware developers. Vendors would get …
Preventing the exploitation of human vulnerabilities
Secure Mentem released the Human Incident Response Service to specifically address the issue of exploiting human vulnerabilities. Some of the most noted attacks in recent …
Malicious apps exploiting Android “Master Key” bug found
Malicious apps misusing on of the two recently discovered Android “Master Key” bugs to successfully pose as legitimate ones have been discovered on third-party …
SIM encryption flaw opens 500M users to attack
A flaw in the encryption technology used by some SIM cards can allow attackers to make the target phone download malicious apps and even effectively clone a user’s card …
Multiple Java versions on endpoints risky for enterprises
Java represents a significant security risk to enterprises because it is the endpoint technology most targeted by cyber attacks, show the results of Bit9 research. The …
Apple developer center hacked by security researcher?
The mystery of why Apple’s Developer Center has been inaccessible for users since last Thursday has apparently been solved, as UK-based security researcher Ibrahim Balic …
Apps exploiting Android “Master Key” bug offered on Google Play
Researchers from security firm Bitdefender have unearthed two relatively popular apps on Google Play that leverage the infamous Android “Master Key” bug, but …
Vendors patch security vulnerabilities within 3 weeks
High-Tech Bridge Security Research Lab released its statistics on web application security for the first half of 2013. The statistics is based on HTB Security Advisories that …
Featured news
Resources
Don't miss
- Microsoft introduces protection against email bombing
- Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it