Google has patched another series of Critical vulnerabilities in Android, including a remote code execution (RCE) flaw in mediaserver and several elevation of privilege (EoP) issues in various drivers and components.
read more
The Mobile App is the New Endpoint
The landscape of enterprise endpoints has shifted dramatically in the last few years, as typical endpoints have evolved from laptops to mobile devices—a shift that’s likely to grow as mobile devices offer increased screen sizes and resolutions, better onscreen keyboards and more processing power.
read more
Google Open Sources Vendor Security Assessment Framework
Google Releases Source Code of Security Assessment Questionnaire
Google announced on Monday that it has decided to open source its Vendor Security Assessment Questionnaire (VSAQ) framework to help companies improve their security programs.
read more
South Korea Says North Hacked Phones of Key Officials
South Korea's spy agency said Tuesday that North Korea had hacked into smartphones belonging to a number of key government officials, part of a series of cyber-attacks launched after its fourth nuclear test.
read more
Facebook Password Reset Flaw Earns Researcher $15,000
A researcher says he has earned $15,000 for informing Facebook of a vulnerability that could have been exploited to reset the password of any user account.
read more
WhatHat’s Jeremiah Grossman Leaving Security Firm
Jeremiah Grossman Leaving WhiteHat Security After 15 Years
WhiteHat Security founder Jeremiah Grossman announced on Monday that he will be leaving the application security firm he started nearly 15 years ago.
read more
Pawn Storm Group Targets Turkey
Pawn Storm, the cyber espionage group linked by some researchers to Russia, has recently started targeting government and news organizations in Turkey, Trend Micro reported on Monday.
read more
Seagate Employee Tax Forms Stolen in Phishing Attack
The W-2 tax documents of several thousand current and former employees of data storage company Seagate ended up in the hands of fraudsters after an employee fell victim to a phishing attack.
read more
Continue readingMultiple Passcode Bypass Vulnerabilities Discovered in iOS 9
Apple’s iOS 9.0, 9.1, and most recent 9.2.1 releases contain multiple connected passcode protection bypass vulnerabilities that affect both iPhone and iPad devices, researchers at Vulnerability Lab warn.
read more
Backdoor in WordPress Plugin Steals Admin Credentials
Custom Content Type Manager (CCTM), a WordPress plugin with over 10,000 active installations, recently turned rogue and started stealing admin credentials via a backdoor, researchers at Sucuri discovered.
read more
