Security experts have warned that 2,000 Android and iOS apps are still vulnerable to the much publicized FREAK flaw over a fortnight after it was first disclosed, exposing billions of users to data loss.
FireEye researchers scanned 10,985 Google Play Android apps with more than one million downloads each and found 1,228 (11.2%) were still vulnerable to FREAK.
Held once again at De Beurs van Berlage, HITB2015AMS takes place from the 26-29 May 2015 and runs alongside HITB Haxpo, a 3-day technology expo for hackers, makers, builders and breakers. The agenda for this year's event is outstanding, here are some highlights:
It has become a familiar pattern: The computer system of a big American company is breached, the personal information of tens of millions of customers is stolen and a public outcry ensues. Rarely are the thieves caught.
But last summer’s attack on JPMorgan Chase — which resulted in hackers gaining access to email addresses and phone numbers for 83 million households and small businesses — may break that pattern of investigative dead ends in large corporate breaches.
Amidst a series of Apple-occupied offices in the town of Sunnyvale, Calif., is a mysterious company named SixtyEight Research, which has a limited online presence and recently renovated its facilities to add a "repair garage." This, accompanied by sources who say it's located in the office complex is where Apple is working on its secret electric car project, has led to speculation that Apple is using SixtyEight as a cover.
Authors: Guillaume Dedrie, Fernand Lone-Sang, Alexandre Quint - Quarkslab
A security flaw in a popular WordPress plugin has been patched, preventing hackers from potentially taking over an entire blog installation.
Yoast, the maker of the popular "wordpress-seo" plugin for the blogging platform, said it has patched a cross-site request forgery flaw that allowed a blind SQL attack. That could've allowed a hacker to modify the back-end database, which might have allowed the insertion of malware, adware, spam links, or other unwanted content.
Hackers have jumped on the unveiling of the Apple Watch as a chance to phish for data through social networks, according to the security vendor Malwarebytes.
Victims are said to be lured into the scam through the promise of a free Apple Watch, but instead are redirected onto a labyrinthine series of links, in what appears to be a phishing exercise to collect people's details.
A renowned lawyer is taking Toyota, Ford and General Motors to court over alleged security flaws that will put drivers in danger.
Attorney Marc Stanley, representing three of the carmaker’s customers in San Francisco, claims the manufacturers turned a blind eye to security vulnerabilities, leaving “cars to be hacked and control wrested away from the driver”, the Dallas Morning News reported.
With the latest Patch Tuesday release, Microsoft is fixing the FREAK vulnerability that could help attackers intercept secured network communications.
The security bulletin is one of 14 Microsoft issued Tuesday, five of which are marked critical, meaning administrators should apply them as quickly as possible.
The Apple Watch can do a lot of things — monitor your heart rate, buy stuff with Apple Pay and even open your garage door.
So how does the wearable, which goes on sale April 24, make sure that you — and not someone who has stolen your Apple Watch — are the one doing those things? While we don't know too much about how the Apple Watch will tackle privacy concerns, the company has a few elements in place to make sure the device is secure.
