Second HTTPS snooping flaw breaks security for thousands of iOS apps
Attackers can potentially snoop on the encrypted traffic of over 25,000 iOS applications due to a vulnerability in a popular open-source networking library. The …
TrueCrypt security audit is good news, so why all the glum faces?
The ongoing audit of the TrueCrypt whole-disk encryption tool used by millions of privacy and security enthusiasts has reached an important milestone—a detailed review …
This tool can warn you about evil access points nearby
A new open-source tool can periodically scan an area for rogue Wi-Fi access points and can alert network administrators if any are found. The …
Bugs in Tor network used in attacks against underground markets
The operator of an underground marketplace hosted within the Tor network has reported a flaw in Tor that he claims is being used for …
Serious bug in fully patched Internet Explorer puts user credentials at risk
A vulnerability in fully patched versions of Internet Explorer allows attackers to steal login credentials and inject malicious content into users’ browsing sessions. Microsoft …
After Superfish-Lenovo incident, Facebook probes larger issue of SSL-sniffing adware
Last week, PC maker Lenovo was called out for shipping laptops with adware, called “Superfish,” pre-installed – an incident that led Facebook to investigate …
Fuel tank gauges vulnerable to attackers
The serial port interfaces of nearly 6,000 automated tank gauges (ATG) — 5,300 of them in the U.S. — aren’t password protected, leaving them …
FBI shares info on Sony hack, but doubt in N. Korea theory lingers
This week, FBI director James Comey offered new information on the Sony Pictures hack in hopes of easing public doubts about the bureau’s claim …
Recent Comments