There are two memory corruption vulnerabilities in some versions of the VLC open-source media player that can allow an attacker to run arbitrary code on vulnerable machines. Neither one of the vulnerabilities has been fixed by VideoLAN, the organization that maintains VLC. Security researcher Veysel Hatas reported the vulnerabilities to VideoLAN in December and published the […]
Researchers at AdaptiveMobile released a report demonstrating an increase in spam over the WhatsApp messaging app.
Dennis Fisher and Mike Mimoso discuss the security news of the past week, including the proposed changes to the CFAA, David Cameron's encryption comments, the NSA's quasi-apology regarding Dual EC and the Microsoft-Google disclosure feud.
Mozilla released the latest version of its flagship browser this week, Firefox 35, fixing nine vulnerabilities, including three critical bugs.
Police in the UK, working in cooperation with the FBI, arrested an 18-year-old man Friday in connection with recent DDoS attacks on the PlayStation Network and Xbox Live services. The authorities arrested the unnamed man in Southport, and he is being held on suspicion of computer crime and unauthorized access to computer material. UK officials […]
Google Project Zero has disclosed a pair of unpatched Windows vulnerabilities after the expiration of its 90-day deadline. Microsoft said it will patch one bug in February, and both sides agree the second does not merit a security bulletin.
Vague language in the White House's proposed amendments to the CFAA leave the door open to a chilling effect on legitimate security research.
Two Google AdWords campaigns have been hijacked by malvertisers and users are being redirected to fraud sites without even clicking the poisoned ads.
Administration files for Pirelli routers, issued by the biggest ISP in Spain, can be accessed from anywhere putting WPA keys, PINs, certificates and more at risk.
Dennis Fisher talks with Matthew Green of Johns Hopkins University about the NSA's "regret" for continuing to support Dual EC after it had been shown to be compromised, the effects of the agency's influence on crypto standards and the hope for more secure standards in the future.
Two services that allow users to reserve offsite parking spots at airports over the internet announced this week that they recently suffered breaches and its customers’ data may be at risk.
Marriott, which last year paid a $600,000 fine for blocking customers’ WiFi devices in its hotels, has said that it no longer will prevent guests from using personal hotspots or similar devices. The situation resulted from a complaint by a guest who stayed at Marriott’s Gaylord Opryland hotel in 2013 and found that he couldn’t […]