News
News
- September 12, 2018
12 Sep'18
Microsoft patches Windows ALPC flaw exploited in the wild
Microsoft's September 2018 Patch Tuesday release included a fix for the Windows ALPC vulnerability that was exploited in the wild for about two weeks before being patched.
- September 12, 2018
12 Sep'18
Jake Braun discusses the Voting Village at DEF CON
The Voting Village at DEF CON 26 expanded its scope to test every aspect of election security that it could. Organizer Jake Braun discusses how it went and what's next.
- September 11, 2018
11 Sep'18
Trend Micro apps on Mac accused of stealing data
Researchers claimed Trend Micro apps in the Mac App Store were stealing data. The company removed the offending features, but researchers are still not sold on Trend Micro's excuse.
-
- September 11, 2018
11 Sep'18
Robot social engineering works because people personify robots
Brittany 'Straithe' Postnikoff studied robot social engineering and found personification of robots can lead to effective attacks, regardless of whether or not AI is involved.
- September 07, 2018
07 Sep'18
Another mSpy leak exposed millions of sensitive user records
News roundup: An mSpy leak has again exposed millions of customer records on the internet. Plus, the FIDO Alliance launched a biometrics certification, and more.
- September 07, 2018
07 Sep'18
Lazarus Group hacker charged in WannaCry, Sony attacks
The Department of Justice charged one Lazarus Group hacker, Park Jin Hyok, for his role in the WannaCry attack, Sony hack, SWIFT banking theft and more.
- September 07, 2018
07 Sep'18
Misconfigured Tor sites leave public IP addresses exposed
The anonymity of Tor is once again under scrutiny, as a researcher finds misconfigured Tor sites can expose the public IP address connected to a dark web site.
- September 06, 2018
06 Sep'18
Risk & Repeat: Fortnite flaw disclosure enrages Epic Games
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the dispute between Google and Epic Games over a newly disclosed flaw in the Android version of Fortnite.
- September 05, 2018
05 Sep'18
Five Eyes wants to weaken encryption, or legislation may be needed
Five Eyes -- the government intelligence alliance between Australia, Canada, New Zealand, the U.K. and the U.S. -- vows not to weaken encryption, while pushing for encryption backdoors.
- August 31, 2018
31 Aug'18
Another patched Apache Struts vulnerability exploited
News roundup: A new Apache Struts vulnerability was exploited in the wild mere days after it was patched. Plus, Facebook removes app over privacy concerns and more.
-
- August 30, 2018
30 Aug'18
Risk & Repeat: Are the Meltdown and Spectre flaws overhyped?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug.
- August 30, 2018
30 Aug'18
Congress wants CVE program changes from DHS and MITRE
In a letter to DHS and MITRE, Congress said CVE program management has been 'insufficient' and called for the program to receive more consistent funding and additional oversight.
- August 29, 2018
29 Aug'18
Windows 10 zero-day disclosed on Twitter, no fix in sight
Security researcher SandboxEscaper released proof-of-concept code for a Windows 10 zero-day on Twitter, but Microsoft has no details for a potential patch.
- August 28, 2018
28 Aug'18
Fortnite vulnerability on Android causes disclosure tension
Epic Games patched a Fortnite vulnerability in its Android installer, but Google's disclosure policy comes under fire once again as Epic Games' founder called the disclosure 'irresponsible.'
- August 24, 2018
24 Aug'18
NSA leaker Reality Winner sentenced to five years in jail
NSA leaker Reality Winner sentenced to 63 months in prison for releasing classified documents detailing an attack by the Russian military against U.S. election systems.