The OpenSSL Foundation has fixed a series of new vulnerabilities, two of them considered critical. Organizations are invited to apply patches asap. The Open SSL has provided a collection of updates for its libraries to fix a series of new vulnerabilities recently reported. The exact number of vulnerabilities affecting OpenSSL is 6 and two of them are […]
Experts at security firm Codenomicon discovered a critical buffer overflow vulnerability in the implementation of the GnuTLS software. GnuTLS, a free software implementation of SSL/TLS/DTLS protocols, it offers a set of application programming interface (API) to enable secure communication over their network transport layer. News of the day is that the widely used cryptographic library is vulnerable […]
A new alarm on car hacking issued by the security community, the white hat Jonathan Brossard warns cars can be hacked on the road remotely. Car hacking is possible, I have proposed different works presented by security experts that demonstrate how to compromise modern vehicles with cheap environment. Modern cars have a huge quantity of components connected […]
A Portuguese security expert has uncovered the Cupid attack, a new Heartbleed attack vector which can impact Android devices, enterprise wireless networks and other connected devices. Cupid is the name of the new Heartbleed attack method recently proposed by Portuguese security researcher Luis Grangeia, unlike the original version of the attack, which took place on TLS connections over TCP, […]
Security Experts discovered a new attack method to defeat Secure Boot security mechanism of the UEFI (Unified Extensible Firmware Interface). The Secure Boot security mechanism of the UEFI (Unified Extensible Firmware Interface) can be circumvented on around half of PCs that use it, security researcher Corey Kallenberg from nonprofit research organization Mitre has demonstrated it at […]
Security researchers at Sucuri firm have discovered multiple serious vulnerabilities in the popular ‘All In One SEO Pack’ plugin for WordPress. WordPress in one of most targeted CMS platforms due its large diffusion, attackers are able to compromise victim instance exploiting flaws in outdated version or in vulnerable plugins . The Netcraft internet services company, in […]
A recent research conducted by experts at Lastline Labs have demonstrated that AV alone is not enough to protect computers from zero-day malware. A recent research conducted by security company Lastline Labs revealed that only 51% of security solutions tested in a study are able to detect zero-day malware. Experts at Lastline Labs have analyzed hundreds […]
FireEye has issued data which show the intensification of activities in the cyberspace correspondent to geopolitical tension between Russia and Ukraine. The Geopolitical dispute between Russia and Ukraine has its correspondence in the cyberspace, principal security experts have observed an increase in the number of cyber attacks between the two countries. Cyber units on both sides may be actively engaged in […]
Encryption Tool TrueCrypt shuts down mysteriously, a message on the official SourceForge-hosted page is encouraging users to adopt Microsoft Bitlocker. TrueCrypt, another myth is falling down? Many TrueCrypt users have had a nasty surprise visiting the TrueCrypt page at SourceForge, the page content warns visitors that the open source encryption software is not secure and that its […]
Researchers at SEC Consult Vulnerability Lab discovered that Nice Recording eXpress lawful intercept software contains numerous flaws, including a backdoor. Nice Recording eXpress voice-recording package software used by law enforcement to intercept communications of suspects under investigation contains various flaws, this is the discovery of security researchers at SEC Consult Vulnerability Lab. The researchers have recently published an […]