Techmeme

Results 101 - 110 of about 584:

Dan Goodin / Ars Technica:
Mac apps using Sparkle, a third-party updating service, are subject to MITM attacks, affected apps include Camtasia, uTorrent, DuetDisplay, and Sketch   —  “Huge” number of Mac apps vulnerable to hijacking, and a fix is elusive  —  Apps that use 3rd-party updater over insecure HTTP channels subject to MiTM attacks.
Feb 9, 2016, 4:12 PMIn context
Dan Goodin / Ars Technica:
eBay tells security firm it has no plans to fix bug that lets attackers bypass restrictions on auction pages and run custom JavaScript   —  eBay has no plans to fix “severe” bug that allows malware distribution  —  Clever “JSF**K” technique allows hackers to bypass eBay block of JavaScript.
Feb 3, 2016, 12:25 PMIn context
Dan Goodin / Ars Technica:
LG patches data-theft vulnerability discovered in Smart Notice, a preinstalled app on the G3 affecting an estimated 10M phones   —  LG closes data-theft hole affecting millions of G3 smartphones  —  Bug allows attackers to embed malicious code in data fed to phone.
Jan 28, 2016, 11:35 PMIn context
Dan Goodin / Ars Technica:
iOS cookie theft bug that allowed hackers to impersonate users fixed by Apple after 2.5 years   —  iOS cookie theft bug allowed hackers to impersonate users  —  Apple fixes vulnerability 2.5 years after receiving private report.  —  Apple has squashed a bug in its iOS operating system …
Jan 21, 2016, 10:30 AMIn context
Dan Goodin / Ars Technica:
Researchers disclose an almost three year old privilege escalation bug in the Linux kernel that imperils millions of PCs, servers, and Android phones   —  Linux bug imperils tens of millions of PCs, servers, and Android phones  —  Vulnerability allows restricted users and apps to gain unfettered root access.
Jan 20, 2016, 12:25 AMIn context
Dan Goodin / Ars Technica:
OpenSSH patches critical flaw that allows a malicious server to force clients to leak private keys   —  Bug that can leak crypto keys just fixed in widely used OpenSSH  —  Vulnerability allows malicious servers to read memory on connecting computers.  —  A critical bug that can leak secret …
Jan 15, 2016, 11:50 AMIn context
Dan Goodin / Ars Technica:
Researcher: Apple only blacklisted programs exploiting the Gatekeeper vulnerability instead of fixing the underlying cause   —  How malware developers could bypass Mac's Gatekeeper without really trying  —  New researcher pokes holes in Apple's whack-a-mole approach for fixing Gatekeeper.
Jan 15, 2016, 11:25 AMIn context
Dan Goodin / Ars Technica:
Researchers find older versions of Fortinet's firewall software allow remote access using a hard-coded password; company says issue resolved via patch in 2014   —  Et tu, Fortinet?  Hard-coded password raises new backdoor eavesdropping fears  —  Discovery comes a month after competitor Juniper disclosed unauthorized code.
Jan 12, 2016, 8:15 PMIn context
Dan Goodin / Ars Technica:
Google removes 13 apps from Play Store after researchers found they made unauthorized downloads and tried to gain root privileges   —  Malicious apps in Google Play made unauthorized downloads, sought root  —  Apps with as many as a million downloads removed following their discovery.
Jan 7, 2016, 10:25 PMIn context
Dan Goodin / Ars Technica:
Target's mobile wish-list app exposed sensitive personal data, using an API that lacked authentication   —  Wish list app from Target springs a major personal data leak  —  Database is available over the Internet, no password necessary, researchers say.  —  The next time a friend …
Dec 16, 2015, 4:15 PMIn context

Sponsor Posts

Wavefront by VMware:
Metrics and Analytics by Wavefront by VMware: Enter to Win $500  —  Discover Wavefront's out-of-the-box monitoring suite for Containers, AWS, Windows, Linux & more.  Try Free for 30 days, enter to win $500
eero:
The eero Plus experience keeps getting better with regular updates.  —  With the latest version of the eero app for iOS and Android, it's now easy to track your eero Plus daily, weekly, and monthly activity of Inspections …
Zoho:
Introducing Moderator Controls in Zoho Meeting - lock meetings, switch presenters, and mute or remove participants  —  Forming actionable plans out of collaborative sessions can be challenging.
TechCrunch Disrupt SF:
Techmeme readers save 15% off Disrupt SF passes  —  TechCrunch's Disrupt SF (Sept. 5-7) is our most ambitious event ever where our 10k attendees will extract more startup insights & inspiration than ever before.