LATEST ARTICLES

19-Year-Old TLS Vulnerability Weakens Modern Website Crypto

New research shows how an old vulnerability called ROBOT can be exploited using an adaptive chosen-ciphertext attack to reveal the plaintext for a given TLS session. Source: Threadpost

Microsoft December Patch Tuesday Update Fixes 34 Bugs

Microsoft patched 34 vulnerabilities in all on Tuesday with most of the bugs impacting Microsoft Edge, Microsoft Office and Microsoft’s Scripting Engine. Source: Threadpost

New Spider Ransomware Comes With 96-Hour Deadline

A ransomware campaign targeting the Balkans comes with a 96-hour deadline and includes a link to a video that assures victims payments can be made easily. Source: Threadpost

Still Stealing

Two years ago in October 2015 we published a blogpost about a popular malware that was being distributed from the Google Play Store. Over the next two years we detected several...

Vulnerability Found in Two Keyless Entry Locks

Researchers are warning of a default-configuration vulnerability in the enterprise-class keyless entry products made by AMAG Technology. Source: Threadpost

Leftover Debugger Doubles as a Keylogger on Hundreds of HP Laptop Models

HP released an update that fixes debugger code that could allow an attacker to use a Synaptics Touchpad driver as a keylogger. Source: Threadpost

Android Flaw Poisons Signed Apps with Malicious Code

An Android vulnerability called Janus allows attackers to inject malicious code into signed Android apps. Source: Threadpost

Apple Fixes Flaw Impacting HomeKit Devices

Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers. Source:...

Banking Apps Found Vulnerable to MITM Attacks

Using a free tool called Spinner, researchers identified certificate pinning vulnerabilities in mobile banking apps that left customers vulnerable to man-in-the-middle attacks. Source: Threadpost

Google Patches Critical Encryption Bug Impacting Pixel, Nexus Phones

As part of its December Android and Pixel/Nexus security updates, Google has issued patches addressing a bevy of flaws, 11 of which are rated critical. Source: Threadpost