Items tagged with vulnerability
There might not be a storage medium that's definitively indestructible, or perfectly reliable, but solid-state storage would rank near the top. A hard drive, for example, might be able to house a large amount of data, but if it's dropped to the ground, or its host PC is bumped hard enough, all of that data could...
Read more...
Last Friday, we reported on a major cyberattack involving ransomeware that hit a large number of computers - including some belonging to the UK's National Health Service. At first, the malware's reach wasn't too clear, but as the weekend went on, we learned that the number of affected PCs reached at least 200,000...
Read more...
We can't seem to go a single week without news of a severe vulnerability out there in the wild, and it looks like our streak isn't about to end. Not too long ago, a number of NSA-derived tools were released online, giving us an idea of how desperate the folks at one of the US government's leading intelligence agencies...
Read more...
What's that in the air? Could it be the smell of egg nog and pine? Nope, it's Microsoft Patch Tuesday, of course! This month's rollout is rather large and notable for a number of reasons. However, what matters most is that if you're not up-to-date yet, you'll want to take a little trip to the Windows Update section...
Read more...
As unfortunate as it is, it's really hard nowadays to be shocked at the thought of someone getting infected with malware, or even a piece of ransomware (which can now even affect Linux). It is still possible to get shocked though, with Betabot proving it for us. This piece of malicious software doesn't just fetch user...
Read more...
If you operate a Web server that runs on Linux, we're here to give you a bit of a prod in case you haven't updated it in a while. A piece of ransomware called FairWare is floating around, and as you'll soon see, its name is ironic as it's anything but "fair".
Reports are coming in of users who have been struck with...
Read more...
We reported earlier this week on a large collection of exploits that have been put up for auction by a group that calls itself Shadow Brokers. The promise was that all of the files were sourced from a secret NSA group called Equation Group, and now, Edward Snowden has released documents to prove that's just the...
Read more...
We wrote a couple of days ago about a huge treasure trove of alleged NSA-derived exploits that were hitting the market. That gold mine was accessed by a group calling itself Shadow Brokers, and it's been said that their source was Equation Group, which is believed to be an extension of the NSA.
At that time, there...
Read more...
Nothing beats wireless for convenience, but whenever you transmit important data through the air, there's a risk that someone could be nearby, ready to intercept the signals before they reach their destination. If this sounds familiar, it might be because we talked about this very thing earlier this year, when...
Read more...
With Nintendo's latest game - a mobile one, at that - the company has proven that there is still a lot of innovating to do in the market. While Pokemon GO is based on another title, Ingress, any game is going to have a greater chance of success when it features one of the most popular franchises ever. GO isn't just...
Read more...
It's beginning to look like some rather sophisticated hackers have made their way into Apple's core and crippled iCloud security so severely that some iPhones have essentially been held hostage. A few iPhones here and there might not seem like a big deal, but ultimately, there could be a staggering 40 million iCloud...
Read more...
We wrote earlier about the kind of success Google has been seeing with its Android bug bounty program -- success that has led the company to actually increase its rewards. Over the years, we've seen other major companies offer bug bounties as well, such as Facebook and Microsoft, so it's clear that they can provide...
Read more...
If you've shopped at Acer's US website at any point between May 12, 2015 and April 28, 2016, you have immediate reason for concern. Acer has just revealed to the California Attorney General's office that its ecommerce servers were hit last spring, and remained vulnerable up until this spring. Unfortunately, this isn't...
Read more...
It has been suggested that the microprocessors we use each and every day could pack in a bit more than we bargained for; namely, the tools needed for spying or undetectable access. And unfortunately, according to security researcher and developer Damien Zammit, there's a potential reason to be concerned over the "ME"...
Read more...
The greatest benefit wireless peripherals offer is what they help cut down on: wires. Fewer wires means that our desktops are easier to keep clean, and we're not kicking wires as often under our desk. It's a win-win overall. Or is it? As with most things convenient, wireless peripherals can suffer exploits just like...
Read more...
It's not often that people feel compelled to side with Google on the topic of privacy, but the company's newest CEO, Sundar Pinchai, gives us a great reason to. As Brandon covered in great detail yesterday, Apple has been ordered by U.S. Magistrate Judge Sheri Pym to provide the FBI access to an iPhone 5c that was...
Read more...
If you're surfing the Internet with a browser (a rarity, we know), there's a new bug to be cautious of. With a bit of simple JavaScript, a browser's HTML5 History API can be called upon thousands of times, ultimately causing a meltdown. Of course, a dedicated website (CrashSafari.com) exists to act as a proof of...
Read more...
2015 has proven to be a massive year for Adobe's Flash plugin, but for all the wrong reasons. Flash is already infamous for being one of the most vulnerable pieces of software on the planet, but in 2015, 316 bugs were found and squashed. That comes out to about 6 bugs per week for a piece of software that's used by the vast majority of notebook
Read more...
We've talked lots in the past about vulnerabilities that hit home and enterprise routers, but not quite as much about cable modems, where the importance of good security is arguably even more paramount. The reason for that is that most often, customers do not have control over the firmware in such devices. If a...
Read more...
Security firm Lookout has just revealed what could be one of the most hard-hitting pieces of malware to ever hit Android. It doesn't have an official name, except to be referred to as "trojanized adware", and right from the top, we can tell you that if you only stick to downloading apps through Google's Play Store...
Read more...
Mere days after it was revealed that crowdfunding website Patreon had been breached, the entire collection of stolen digital goods has been posted online. Making this leak even more severe than typical ones is that not only is user account information included, but so too is some site source code (or potentially all...
Read more...
Where computer security is concerned, it almost seems like unauthorized access can be granted via an unlimited number of ways. While computer security in the home is obviously very important, having good defenses in the enterprise market is paramount. In some cases, slipping up could result in the loss of millions of...
Read more...
