A fresh Android vulnerability dubbed “occupy your icons” by mobile researchers has been uncovered. It allows a malicious app to replace legitimate Android home screen icons with fake ones that point to phishing apps or malware-serving websites.
14 April 2014
Heartbleed, a vulnerability in the OpenSSL crypto software library, has left millions of websites potentially vulnerable to data leakage, in what some security experts are calling the most significant security problem in recent memory.
11 April 2014
A series of bots have invaded the Android version of dating app Tinder, and are spreading dangerous downloads after luring users with tempting profiles and pictures stolen from an Arizona-based photography studio.
05 April 2014
Apple has fixed 25 memory corruption security flaws in the WebKit framework, with an update to its Safari web browser for Mavericks. Most of the issues could result in remote code execution.
03 April 2014
Connected cars are continuing to wheel their way into consumer lives, with some, like Elon Musk’s Tesla line of electric vehicles, serving as prototypes for the Internet of Things (IoT)-enabled future. Sleek, sustainable and connected, the Tesla Model S is a futuristic automobile, with a robust set of communications capabilities. But because it connects with car owners and the Tesla infrastructure using a variety of TCP/IP mechanisms, one researcher is highlighting potential security issues.
01 April 2014
Bad piggies may need to be toppled, but fans of the ubiquitous Angry Birds mobile app should be aware that the popular game collects and shares players’ personal information much more widely than most people realize.
28 March 2014
For the first time, NTT has pooled the resources of its group companies and produced a threat report based on an analysis of 3 billion attacks. What it found is that while attackers move faster than defenders, and there are still many basic processes and procedures that companies are failing to implement.
27 March 2014
Governments could lose more than $50 billion in 2014 thanks to costs associated with malware in pirated software, according to a study by the National University of Singapore (NUS) and research firm IDC.
24 March 2014
John Cartwright, the operator of Full Disclosure, announced yesterday that he has shut down the mailing list. His own post, 'Administrivia: The End', is the final entry. It was always a controversial service, frequently publishing vulnerability details before vendors had patches available, but the manner of its passing has surprised many.
20 March 2014
Last November it became known that Twitter was working to encrypt direct messages (DMs) between users in response to NSA/GCHQ snooping. Although general Twitter posts are entirely public, DMs (direct tweets between connected users) are considered to be a private form of messaging. Now it is reported that Twitter has quietly shelved DM encryption plans.
20 March 2014