Similar to what Mozilla did in its Firefox browser earlier this year, Apple has elected to block old, out-of-date versions of Adobe’s Flash Player product in Safari in hopes of getting users to update their systems.
A vulnerability exists in Samsung devices running Android version 4.1.2 that could give unauthenticated users the ability to circumvent the screen lock and view the home screen, run apps, and reach out to contacts without successfully completing Android’s pattern lock, PIN, password or Face Unlock mechanisms.
Giving a prolific bug hunter an excuse to go poking deeper into a potential security issue generally doesn’t end well or the vendor in question—in this case Oracle. Polish security firm Security Explorations, noteworthy for its Java security research, said today it reported five new vulnerabilities in Java SE 7 to Oracle. If combined, researcher Adam Gowdiak said, they can be used to gain a complete bypass of the Java sandbox.
Kaspersky PURE 3.0 Total Security — Award Winning Technologies Deliver the Ultimate Protection for Your Computer
Evernote, the online service that enables users to store and sync all kinds of data across multiple devices, has become the latest major Web property to suffer a serious intrusion. The company said on Saturday that attackers had compromised some user information, including email addresses and hashed passwords.
With Dennis Fisher out of pocket at the RSA Conference in San Francisco, Ryan Naraine hijacks the Digital Underground podcast and gets on the phone with Kaspersky Lab research guru Costin Raiu to talk about the intricacies of the miniDuke malware campaign.
You are missing some Flash content that should appear here! Perhaps your browser cannot display it, or maybe it did not initialize correctly.
It appears the breach of cloud-based storage service Dropbox last year has spurned another wave of spam over the last week or so. Users began posting complaints on the service’s Bugs and Troubleshooting forum yesterday claiming that their Dropbox-specific accounts started receiving spam again last weekend.
On Thursday the Chinese government, long considered the aggressor in highly publicized U.S. cyberattacks, publicly spoke about being the victim. Two of its military Web sites were attacked an average of 144,000 per month and two-thirds of those strikes came from the United States, according to a ministry spokesman.
The cost of a botnet is contingent largely upon the physical location of the malware-infected computers inside of it. Therefore, a botnet containing only American or European machines is worth more than one with machines from less prosperous nations.
SAN FRANCISCO – People who interact with online services have mounting privacy expectations that run in parallel with their need for a full experience with the functionality central to those services. But can users have their privacy cake and eat it too?
SAN FRANCISCO--The discipline of software security has been gaining traction in a lot of organizations both large and small in recent years, thanks in part to the success that vendors such as Microsoft, Adobe and others have had with it. However, for many companies, the time and money spent on software security initiatives could be put to better use simply fixing flaws after products ship or are deployed, an expert said during a constructed debate.
A series of targeted attacks are continuing to bully a signed Nvidia application into dropping a backdoor that lets attackers root their way through the systems of Tibetan sympathizers.
New espionage malware has been discovered that targets a patched sandbox-bypass vulnerability in Adobe Reader. The attacks have hit a relatively small number of government victims in 23 countries, primarily in Europe, and rely on a string of unusual tactics, including the use of steganography to hide backdoor code, as well as the capability to reach out to Twitter accounts created by the attackers for links to command and control servers.