Google plugs Google Admin app sandbox bypass 0-day
After having had some trouble with fixing a sandbox bypass vulnerability in the Google Admin Android app, the Google Security team has finally released on Friday an update …
Week in review: New C++ bugs, preventing insider threats, and gamifying threat detection
Here’s an overview of some of last week’s most interesting news, podcasts and articles:Redefining security visualization with Hollywood UI designMost security …
Researcher hacks house arrest tracking system
Tracking ankle bracelets that some criminals are forced to wear after being senteced to home detention can be hacked, allowing them to exit the house and go wherever they want …
Google’s Android Stagefright patch is flawed
The security update released by Google last week does not provide a complete defense against attackers taking advantage of the recently unearthed Stagefright Android …
Apple fixes a bucketload of vulnerabilities in everything
Apple has pushed out updates for OS X Yosemite, OS X Server, iOS and Safari, fixing a bucketload of critical and less critical vulnerabilities.While the OS X Server update …
Five principal cloud security challenges
In our technology driven world, security in the cloud is an issue that should be discussed from the board level all the way down to new employees. CDNetworks takes a look at …
Cisco spots attackers hijacking its networking gear by modifying firmware
Cisco has issued an official warning about in-the-wild attacks that resulted in attackers gaining and potentially keeping administrative access to a Cisco IOS device …
Researchers get $100k for detecting emerging class of C++ bugs
Facebook has awarded $100,000 to a team of researchers from Georgia Tech for their discovery of a new method for identifying “bad-casting” vulnerabilities that …
Redefining security visualization with Hollywood UI design
Most security interfaces today leave a lot to be desired, and many security pros are gaming enthusiasts, accustomed to a sharp and engaging virtual world. ProtectWise CEO …
Script injection vulnerability discovered in Salesforce
Elastica discovered an injection vulnerability in Salesforce which opened the door for attackers to use a trusted Salesforce application as a platform to conduct phishing …
Dropbox adds support for FIDO U2F secure authentication
Cloud storage giant Dropbox announced to its 400 million users that it supports FIDO U2F for strong two-factor authentication.Dropbox users can now protect their files with …
Addressing IoT risks with a trust framework
The Online Trust Alliance (OTA) released its Internet of Things Trust Framework, the first global, multi-stakeholder effort to address IoT risks comprehensively.The framework …
Featured news
Resources
Don't miss
- Okta users under attack: Modern phishing kits are turbocharging vishing attacks
- One-time SMS links that never expire can expose personal data for years
- More employees get AI tools, fewer rely on them at work
- Energy sector orgs targeted with AiTM phishing campaign
- Exposed training apps are showing up in active cloud attacks