News & Features
Tuesday, 16 Jul 2013
Android's rudimentary backup feature saves Wi-Fi passwords in plain text on Google servers. This is not in itself news, but it takes on new significance in the light of PRISM
more »
Compromising ASUS routers on which the storage service AiCloud is activated is apparently a simple matter. Attackers can access private data and even navigate around the local network
more »
Monday, 15 Jul 2013
Network Security Services (NSS), the collection of cryptographic libraries which is used, among others, by Mozilla's Firefox browser, now supports TLS 1.2. This enables the use of TLS with HMAC-SHA256 ciphers
more »
A second hole in Android's signature validation has been disclosed, though there are greater limitations to the new technique. Google and CyanogenMod have patched the holes but how other vendors will handle it is to be seen
more »
The organisers of the Black Hat conference have attracted the director of the American NSA, General Keith Alexander, as a keynote speaker. This has caused controversy
more »
Version 2.0.65 will be the last update to Apache's HTTP Server 2.0. Those who still use it must act now: a security problem will remain unresolved
more »
Saturday, 13 Jul 2013
In the week ending 13 July - Hardware destruction, OS switcharound, Open Source laptops, Android code-signing holes, shiny new Chrome, vulnerability custody fights, language surveys and zombie backdoors
more »
Friday, 12 Jul 2013
Microsoft is alleged to have taken steps to ensure that the NSA had continuous access to services such as Skype and Outlook.com. Microsoft is adamant that it only cooperated with the authorities where legally required to do so
more »
HP has admitted that its StoreVirtual servers also contain an undocumented backdoor. The problem will be remedied by a soon-to-be-released patch
more »
Thursday, 11 Jul 2013
DEF CON, the world's biggest hacker conference, is asking federal agents not to attend this year. The organiser says his request is a result of the current discussions about the NSA's eavesdropping operations
more »
Should your friends and acquaintances send you a contact file called "Priyanka" via WhatsApp, don't accept it, otherwise everyone in WhatsApp will become Priyanka
more »
Some Avira users are unable to use their web browsers without first disabling Web Protection. A reinstall helps users, but doesn't solve all their problems
more »
Wednesday, 10 Jul 2013
Now users can check if their Android device is vulnerable to the signing flaw which has been called a "master key" to the mobile operating system by the authors of the scanner, who also reported the flaw to Google
more »
Google's Chrome 28 browser is the first to use the new Blink engine, which is designed to offer faster page loading. Also new is a notification feature that even informs users when Chrome isn't running
more »
A dispute that has culminated in blog posts and messages on Reddit is raging between Secunia and VLC. The developers and the security firm have had differing views on an advisory since December 2012
more »
Adobe releases updates and two hotfixes to close various security holes in its products. All operating systems are affected
more »
Until recently, the emergency alert systems that enable the US president to broadcast via TV and radio stations in cases of emergency contained a hair-raising security hole
more »
Microsoft releases seven patch packages to close a total of 34 holes in Windows, Internet Explorer, Office and other products. Among them is a patch to fix the privilege escalation hole in the Windows kernel that has been known about for over a month
more »
Tuesday, 09 Jul 2013
In a perfect example of miscommunication of malware infecation and impossible demands for assurances, a US government department set about destroying all their hardware, only stopping when they ran out of budget
more »
An exploit is available for the Android signing hole which allows an attacker to manipulate the contents of an APK file without disturbing the signature of the archive
more »
Monday, 08 Jul 2013
Fixes to the Android fork CyanogenMod cast light upon the "masterkey" flaw and revealed it to be a simple trick of putting two same-named files in an archive. The challenge for Google is how to mitigate any exploitation and get updates to users
more »
Bad apps in sheep's clothing, keyjacking, a $20,000 Facebook hole, an exploit source, traces of Tor, and a birthday celebration
more »
Saturday, 06 Jul 2013
In the week ending 6 July - the 3.10 Linux kernel and Fedora 19 are released, Ubuntu's Mir plans raise eyebrows, the first Firefox OS phones arrive in the market, and German intelligence services are spying on the country's backbone
more »
Friday, 05 Jul 2013
By a large majority, the EU Parliament has adopted the EU Commission's draft directive on attacks against information systems
more »
Seven updates, six critical holes and one important privilege escalation mean next Tuesday is going to be busy for system administrators of Windows systems
more »