If you have an Android, keep an eye out for updates from your vendor or carrier – there are some critical security patches out.
Google has fixed 12 vulnerabilities affecting Android versions 4.4.4 through 6.0.1, including five rated as “critical” – the designation for the worst kind of security bug.
Dutch security researcher Guido Vranken has published a paper in which he details a new attack method on TLS/SSL-encrypted traffic, one that can potentially allow attackers to extract some information from HTTPS data streams.
Mr. Vranken describes the HTTPS Bicycle Attack as a method through which an attacker can inspect HTTPS traffic and be able to determine the length of some of the data exchanged underneath the TLS protection layer.
A security vendor says it discovered a flaw in Comcast's home security system that could let criminals break into houses undetected by using radio jamming equipment. The vendor, Rapid7, says it alerted Comcast to the problem two months ago but never received a response from the company. However, Comcast told Ars that Rapid7 e-mailed the wrong address.
The group that claimed responsibility for taking down the BBC's global website last week has said the attack was "just the start."
On Saturday, a group calling itself New World Hacking also claimed responsibility for an attack that downed Republican presidential candidate Donald Trump's campaign website for about an hour.
Software vulnerabilities are a daily event it seems, but some systems just have more of them. When we think of this a couple of names usually spring to mind -- Flash and Java. However, according to the new list being published by CVE Details, they aren't quite at the top, nor is Microsoft's oft-maligned operating system.