vulnerability
Advice on Tor use in wake of Freedom Hosting compromise
In the wake of the discovery that someone has compromised Tor hidden services hosted by Freedom Hosting and injected malicious JavaScript aimed at de-anonymizing specific …
Tor users targeted with spyware following anonymous Web-host shutdown
The news that the alleged owner of Freedom Hosting, the internet host for a great number of Tor hidden services, has been arrested and is accused of distributing and promoting …
Free tool identifies risks in secure shell environments
SSH Communications Security, known the world over as the inventor of the ubiquitous Secure Shell and SFTP protocols, today announced the general availability of SSH Risk …
Microsoft announces MAPP overhaul
Introduced in 2008, the Microsoft Active Protections Program (MAPP) was created to give antivirus vendors a head start against malware developers. Vendors would get …
Preventing the exploitation of human vulnerabilities
Secure Mentem released the Human Incident Response Service to specifically address the issue of exploiting human vulnerabilities. Some of the most noted attacks in recent …
Malicious apps exploiting Android “Master Key” bug found
Malicious apps misusing on of the two recently discovered Android “Master Key” bugs to successfully pose as legitimate ones have been discovered on third-party …
SIM encryption flaw opens 500M users to attack
A flaw in the encryption technology used by some SIM cards can allow attackers to make the target phone download malicious apps and even effectively clone a user’s card …
Multiple Java versions on endpoints risky for enterprises
Java represents a significant security risk to enterprises because it is the endpoint technology most targeted by cyber attacks, show the results of Bit9 research. The …
Apple developer center hacked by security researcher?
The mystery of why Apple’s Developer Center has been inaccessible for users since last Thursday has apparently been solved, as UK-based security researcher Ibrahim Balic …
Apps exploiting Android “Master Key” bug offered on Google Play
Researchers from security firm Bitdefender have unearthed two relatively popular apps on Google Play that leverage the infamous Android “Master Key” bug, but …
Vendors patch security vulnerabilities within 3 weeks
High-Tech Bridge Security Research Lab released its statistics on web application security for the first half of 2013. The statistics is based on HTB Security Advisories that …
McAfee ePolicy Orchestrator exploitation tool
US-CERT’s latest advisory focuses on an exploit tool for McAfee ePolicy Orchestrator. The tool targets two vulnerabilities found in ePO versions 4.6.5 and earlier. In …
Featured news
Resources
Don't miss
- Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703)
- 18 arrested in €300 million global credit card fraud scheme
- PortGPT: How researchers taught an AI to backport security patches automatically
- AI can flag the risk, but only humans can close the loop
- VulnRisk: Open-source vulnerability risk assessment platform