Apple has released an emergency security update for its iOS operating system to address a serious vulnerability affecting the Wi-Fi component.
According to the tech giant, the flaw is a stack-based buffer overflow that allows an attacker who is within range to execute arbitrary code on the Wi-Fi chip.
read more
IAAF Says Russia-Linked Hackers Accessed Medical Records
The International Association of Athletics Federations (IAAF) revealed on Monday that athletes' medical records were accessed in an attack the organization believes was carried out by the Russia-linked cyber espionage group known as Fancy Bear.
read more
New “USB Canary” Keeps Close Watch on USB Ports
New "USB Canary" Tool for Linux Monitors USB Ports 24/7
A new open source tool can provide Linux users with the ability to receive an alert any time someone attempts to plug a device into one of their machine’s USB ports.
read more
Splunk Patches Information Theft and XSS Flaws
Splunk last week released an update for Splunk Enterprise to address an information theft bug and a persistent Cross Site Scripting (XSS) vulnerability.
read more
UEFI Vulnerabilities Found in Gigabyte Mini PCs
Endpoint security firm Cylance has disclosed the details of two potentially serious UEFI vulnerabilities that can be exploited to install a backdoor on some Gigabyte BRIX mini PCs. The vendor is working on a firmware update that will address the flaws.
read more
APT29 Uses Stealthy Backdoor to Maintain Access to Targets
Researchers at FireEye-owned Mandiant have conducted a detailed analysis of a stealthy backdoor used by the Russia-linked cyberespionage group APT29 to maintain access to targeted systems.
read more
Social Media Passwords Provide Easy Route into Corporate Networks
A combination of 'security fatigue' among users and inadequate password controls among the social media giants is providing a large attack vector for cybercriminals. This is the conclusion of a newly published survey that queried more than 250 security professionals at the RSA Conference in San Francisco in February 2017.
read more
Android Ransomware Employs Advanced Evasion Techniques
A newly discovered Android ransomware family employs heavy obfuscation and delayed activation of malicious functionality to ensure it can evade anti-virus solutions, Zscaler security researchers warn.
read more
Fake Flash Player Ads in Skype Lead to Malware
Skype users appear to have been targeted in a recent malvertising campaign that was aggressively pushing malware hidden behind a fake Flash Player package.
read more
No Prizes Awarded in Google’s Android Hacking Contest
Google reported last week that its Project Zero Prize contest was not as successful as the company hoped it would be – no valid Android exploits were submitted and no prizes were awarded.
read more


