vulnerabilities

Four years after the discovery of the Stuxnet worm, the primary vulnerability it had been exploiting is still around. This is mainly the problem of poorly maintained Windows XP PCs and servers, most likely inhabited by worms. In the interconnected world a neglected PC or a server is a possible problem for many people.

Car hacking is back and Charlie Miller and Chris Valasek no longer have to plug their computers into the cars to make them do their bidding.

Making a case for password reuse, Google hiring hackers to fix the Internet, Apple bolsters security across its services with strong Crypto, plus various fixes and more.

New analysis pinpoints some weaknesses in a new generation of cars with online capabilities. If exploited, this may result in car theft and other problems.

This week: the first mobile malware turns 10; we check in on Android security news and recent data breaches; and we fill you in on the week’s patches.

A serious elevation-of-privileges vulnerability had been discovered in Linux in late April. Bugs like this are especially problematic for businesses, and require a prompt reaction.

A serious cross site scripting vulnerability was discovered in the popular Twitter application TweetDeck today. Users should revoke access to that app on Twitter as soon as possible.

Many Internet-connected smart home systems contain vulnerabilities that could expose the owners of those systems to physical and digital theft.

OpenID and OAuth are protocols responsible for those “Login with Facebook” and “Authorize with Google” buttons you see on almost every site nowadays. Of course, there is a hack for that™, but you don’t need neither panic nor change your password. Read on for our simple action plan.

On Friday, Apple released an urgent update to iOS 6 and 7. The only fix in the update is well worth bothering yourself with the update process, and doing it

The Internet of Things is the latest term used to define all kinds of consumer electronics connected to the Internet – from refrigerators and washing machines to irons. Just like

About 39% of commercial companies in the past two years have experienced information security incidents generated by vulnerabilities in legitimate software. This data is presented in the survey “Global Corporate

An apparent flaw in Apple’s new operating system for its mobile devices allows anyone to access a user’s contact information and social media accounts without entering the security code to

The second half of July roused Android users as two very serious and unpleasant vulnerabilities were discovered. Researchers announced these so-called “master keys,” i.e. universal access to any Android device,

Kaspersky Lab expert Denis Maslennikov explains the vulnerabilities and possible threats of mobile banking apps.

If Achilles’s heel was his vulnerability in the Iliad, then Paris’s poison tipped arrow was the exploit. Quite literally, an exploit is the device or – more often than not

Kaspersky Lab’s  Automatic Exploit Prevention technology scans the vulnerabilities in your programs and block any suspicious actions before they cause any harm.

David Lenoe, Adobe PSIRT group manage, discusses the Sandbox bypass press release which offered only partial disclosure, leaving much to be left unaddressed in terms of potential vulnerabilities. [youtube http://www.youtube.com/watch?v=kMnF3xDnAQg&feature=youtu.be?rel=0]

Software vulnerabilities are published every day, by the hundreds, and most users don’t think much about them, aside from them time it takes them to update their software. But when