Eskenzi PR ad banner Eskenzi PR ad banner

Top 10 Stories

The Google Admin application – which allows users to manage their Google for Work accounts from their Android devices – contains an unpatched vulnerability that can be exploited to read data from any file within the Google Admin sandbox. The vulnerability – identified by security researchers with MWR Labs and deemed medium in severity – impacts Google Admin version 2014101605 and lower, Rob Miller, senior security researcher with MWR InfoSecurity, indicated in an advisory published...

Read moreDetails

Only 47% of respondents to a security conference survey said confidence in their organisations’ ability to detect and respond to a cyber attack had risen in the past 12 months. Nearly two-thirds of organisations are potential targets for nation-state cyber attacks, according to a survey of more than 200 attendees of the Black Hat USA 2015 security conference in Las Vegas. Some 86% of respondents of the survey conducted by security firm Tripwire said targeted attacks on their networks...

Read moreDetails

If you're using OS X Yosemite, watch out for malware exploiting a new way to take complete control of your Mac. A vulnerability has been found in Apple's operating system that allows ordinary software on the computer to gain all-powerful root privileges, allowing dodgy apps to install new programs, create users, delete users, trash the system, and so on, without the owner's permission. Someone who describes themselves on Twitter as an 18-year-old Italian called Luca...

Read moreDetails

Smartwatch manufacturers are failing to secure sensitive data on their devices, warned a Trend Micro report. The IT security firm said that smartwatches running Google's Android Wear and even the Apple Watch are not as secure as they should be. The research looked at devices from Apple, Samsung, Motorola, LG, Sony, Asus and Pebble to see how they fared when it came to physical and information security. The devices were updated to the latest operating...

Read moreDetails

Some of the most widely used BitTorrent applications, including uTorrent, Mainline, and Vuze are also the most vulnerable to a newly discovered form of denial of service attack that makes it easy for a single person to bring down large sites. The distributed reflective DoS (DRDoS) attacks exploit weaknesses found in the open BitTorrent protocol, which millions of people rely on to exchange files over the Internet. But it turns out that features found uTorrent,...

Read moreDetails

Adobe has paid an undisclosed amount to settle customer claims and faces US$1.2 million in legal fees after its 2013 data breach which compromised the details of 38 million users. The creative content king was served a November 2013 class action lawsuit filed in California in which it is claimed "shoddy" security practises lead to the breach. The breach occurred when hackers raided a backup server on which they found, and subsequently published, a 3.8GB...

Read moreDetails

While Microsoft offers users a free upgrade to its Windows 10 operating system, its flashy new offerings come packaged with something more sinister: settings that have privacy advocates concerned. The company's new privacy policy, the checkbox of which is automatically checked during upgrades, allows for tons of data to be sent back to Microsoft, including users' locations and typing patterns. Much of this data relates to the built-in digital assistant Cortana. That said, some of these...

Read moreDetails

The US National Security Agency has used a unique, decades-old partnership with AT&T to snoop on Internet usage, according to newly disclosed documents leaked by Edward Snowden. The documents provided by the former NSA contractor and reviewed by The New York Times and ProPublica described a "highly collaborative" telecom giant that demonstrated an "extreme willingness to help." The Times said it was unclear whether the programs are still operational in the same way today. The...

Read moreDetails

Two Borg assimilators have discovered five denial of service vulnerabilities in Apple's QuickTime. The five vulnerabilities (CVE-2015-3788 to 3792) affect the latest version of QuickTime up to the patched 7.7.7 for Windows 7. Ryan Pentney and Richard Johnson of Cisco's Talos security talon reported the memory corruption holes which manifest due to improper handling of objects in memory. "An adversary who crafts a specifically formatted .MOV file can cause QuickTime to terminate unexpectedly, creating a...

Read moreDetails

Researchers from the Georgia Institute of Technology College of Computing developed a new cyber security analysis method that discovered 11 previously unknown Internet browser security flaws. Their findings were honored with the Internet Defense Prize, an award presented by Facebook in partnership with USENIX this week at the 24th USENIX Security Symposium. Their research, "Type Casting Verification: Stopping an Emerging Attack Vector," explores vulnerabilities in C++ programs (such as Chrome and Firefox) that result from...

Read moreDetails
Page 378 of 630 1 377 378 379 630