The OpenSSL developers have released versions 0.9.8o and 1.0.0a, fixing two security problems. A flaw in the ASN.1 parser can be exploited to write to invalid memory addresses using specially crafted "Cryptographic Message Syntax" (CMS) structures. The flaw potentially allows arbitrary code to be injected in order to compromise a system. CMS is not enabled by default in the 0.9.8 branch of OpenSSL, but it is enabled in the 1.0.0 branch.
Adobe's Photoshop Creative Suite 4 image-editing software has critical vulnerabilities that could let hackers take control of Macs with the suite installed. Graham Cluley, a security researcher, said the security risk lies in infected ASL, ABR, and GRD files that can cause you to surrender control of your Mac to a remote hacker.
Adobe Systems has stated that they are considering releasing security updates for their applications more frequently.
Adobe is getting heavily criticized for the bugs that are being discovered in their Acrobat and Reader applications. PDF format has become the latest tool to spread malware on the web.
When it comes to iPhone jailbreaking and unlocking only few iPhone hackers you can trust for e.g iPhone Dev team, Geohot & Chronic dev team. Even after repetitive warnings from iPhone dev team on newly released fake tools, users keep falling into the trap of those malicious & attention seeker fake iPhone hackers.
Carnegie Mellon University's CERT (Computer Emergency Response Team) has released a basic fuzzing framework to help identify and eliminate security vulnerabilities from software products.
The Basic Fuzzing Framework (BFF), available here, is described as a simplified version of automated dumb fuzzing and includes a Linux virtual machine that has been optimized for fuzz testing and a set of scripts to implement a software test.
Blizzard founder, Frank Pearce reckons that fighting piracy with DRM is a losing battle.
His company - which is responsible for the biggest videogame of all time, the worryingly-addictive online fantasy role player World of Warcraft - is to release Starcraft 2 on July 27th and Pearce has told Videogamer that the title won't be hobbled with the kind of crazy copy protection schemes which have made Ubisoft very unpopular in gaming circles of late.
Google has unveiled details of Android 2.2, promising that it will be faster, enable developers to add security and able to turn the phone into a WiFi hotspot.
Xavier Ducrohet, Android SDK Tech Lead, said a new Dalvik JIT compiler in Android 2.2 - code named 'Froyo' (Frozen yogurt) - would deliver between a two and five times the performance of Android 2.1 in CPU-bound code.
A researcher with anti-virus software vendor Sunbelt, Christopher Boyd, has recently discovered a tool that facilitates in building armies of bots which take their instructions from specific Twitter accounts, as per the news published by The Register on May 13, 2010.
The tool, known as TwitterNET Builder, creates malicious executables which hackers can forward to the systems of other users. They can either send mails with file attachments or send the instant messages bearing links to the infected executables.
Journalists and computer programmers teamed up in San Francisco over the weekend to see what kind of news-related iPad apps they could come up with in the space of 48 hours. Modeled on 48-hour film projects, the competition—called Hacks/Hackers Unite—came up with 12 different apps, including winner "Who's Reppin' Me?" which uses geolocation to identify who your representatives are and then pull in news stories about them and allow you to communicate with them via Twitter.
The official Twitter application for the iPhone is now available for free on the iTunes App Store. The announcement made on Twitter's blog, the social networking site points out that unregistered users can use most of the main features on Twitter. New users to Twitter are able to sign up to the service within the app, without the need to visit the full website.
