vulnerabilities

One can find a number of reasons why this very bug cannot be patched right now, or this quarter, or, like, ever. Yet, the problem has to be solved.

Three most important recent news with extensive commentary and trolling: nasty Android Stagefright vulnerability, new car hacks and Do Not Track 2.0 privacy initiative

Researchers compete at finding security holes in infotainment systems of connected cars and breaking in. The new case proves that Tesla does care a lot about security at wheel.

Recently we wrote about the Jeep Cherokee hack incident. At Black Hat security researchers Charlie Miller and Chris Valasek finally explained, how exactly the now-famous Jeep hack happened.

Apple patched a serious issue in its App Store and iTunes Store, which could have undermined many of the businesses working in this ecosystem.

If it is not possible to get rid of a risky software for some reason, it is better to exist in a “presumption of guilt” mode, with an efficient security solution keeping it in check and preventing exploits from successful attacks, targeted ones included.

Taking over a Jeep Cherokee driving at speed 70 mph at a remote highway is quite real.

The web service for secure password storage, LastPass, asks users to change their passwords ASAP.

The primary issue here is the real cost of free offers. Hola’s stance is almost honest: You want free services? You have something that is of use to us – your idle or not-so-idle resources. If you don’t want them to be used by us, there is a paid tier for you.

Much has been said about the VENOM vulnerability, which is part of the new-age phenomena of Virtualization.

In this talk security podcast, Chris Brook and Brian Donohue discuss the upcoming Security Analyst Summit, Flash zero days, the Ghost vulnerability and the Anthem breach

In this Talk Security podcast, Threatpost’s Chris Brook and Brian Donohue discuss the move to encrypt the Web, the Regin APT campaign and more.

Microsoft has patched yet another bug in OLE, this time one that’s 19-years-old. While it is extremely surprising this bug hadn’t been discovered earlier, the crucial question here is the use of the underreviewed legacy code that developers have to drag along for decades.

Yesterday, researchers disclosed a powerful iOS vulnerability that is responsible for the WireLurker Apple malware.

Vulnerabilities vary. Some are considered critical, some – less problematic; their severity is determined by a few well-known factors such as ease of exploitability and popularity of software. But, no matter their differences they all require serious attention at a constant level, so that when the next Shellshock-like incident occurs, it won’t take cybersecurity world by surprise.

The Bash vulnerability affecting Unix, Linux and OS X systems is the latest Internet-wide bug to emerge, and a number of experts are saying it’s more dangerous than OpenSSL Heartbleed.

Your data is the finest treasure on your computer. Protect it the way the secret service protects a president, create a robust defense system where an antivirus will be just the last line of defense.

Can we beat software vulnerabilities? It is not possible to do so completely, but there are ways to mend the issue.

The story of a researcher who wanted to see how vulnerable he actually was.

Windows XP’s longevity is fascinating – and terrifying from the security point of view. The latest survey shows it’s still around – over 16% of KSN users still use Windows XP, but it is also clear that its epoch is near the end.

Unpatched flaws in Android make your device vulnerable to “Invisible” infection. You better find out now in order to protect yourself.