Techmeme

Results 81 - 90 of about 571:

Dan Goodin / Ars Technica:
Researchers: hard-to-detect malicious Firefox add-ons can hijack very popular add-ons like NoScript and Firebug to execute malicious code and steal data   —  NoScript and other popular Firefox add-ons open millions to new attack  —  Unlike many browsers, Firefox doesn't always isolate an add-on's functions.
Apr 9, 2016, 11:40 AMIn context
Dan Goodin / Ars Technica:
13M+ HTTPS sites, email services using TLS protocol open to decryption attack, made possible due to weak ciphers added prior to 2000 as part of US export regs   —  More than 13 million HTTPS websites imperiled by new decryption attack  —  Low-cost DROWN attack decrypts data in hours, works against TLS e-mail servers, too.
Mar 1, 2016, 10:30 AMIn context
Dan Goodin / Ars Technica:
Largely undetected Mac malware suggests disgraced HackingTeam has returned   —  Researchers have uncovered what appears to be newly developed Mac malware from HackingTeam, a discovery that's prompting speculation that the disgraced malware-as-a-service provider has reemerged since last July's hack …
Feb 29, 2016, 3:20 PMIn context
Dan Goodin / Ars Technica:
Study: 3.67% of sites in Alexa 1,000 are either blocking or presenting CAPTCHAs to Tor users, often carried out by CDNs like CloudFlare or Akamai   —  Tor users blocked or faced with CAPTCHA if IP address matches known exit node  —  Tor users blocked or faced with CAPTCHA if IP address matches known exit node.
Feb 29, 2016, 6:15 AMIn context
Dan Goodin / Ars Technica:
ASUS settlement with FTC over router flaws from 2014 requires 20 years of security audits   —  Asus lawsuit puts entire industry on notice over shoddy router security  —  FTC takes aim at insecurity that's rampant in the “Internet-of-things” industry.  —  In February 2014 …
Feb 23, 2016, 4:10 PMIn context
Dan Goodin / Ars Technica:
Vulnerability in GNU C library that has left apps and hardware open to attacks since 2008 is patched in new update   —  Extremely severe bug leaves dizzying number of apps and devices vulnerable  —  Since 2008, vulnerability has left apps and hardware open to remote hijacking.
Feb 16, 2016, 10:05 PMIn context
Dan Goodin / Ars Technica:
Bug in Adobe Creative Cloud deletes Mac user data; Adobe stops pushing affected update and is working on a fix   —  Warning: Bug in Adobe Creative Cloud deletes Mac user data without warning  —  Adobe has stopped distribution of an update believed to be triggering the deletions.
Feb 12, 2016, 4:40 PMIn context
Dan Goodin / Ars Technica:
Mac apps using Sparkle, a third-party updating service, are subject to MITM attacks, affected apps include Camtasia, uTorrent, DuetDisplay, and Sketch   —  “Huge” number of Mac apps vulnerable to hijacking, and a fix is elusive  —  Apps that use 3rd-party updater over insecure HTTP channels subject to MiTM attacks.
Feb 9, 2016, 4:12 PMIn context
Dan Goodin / Ars Technica:
eBay tells security firm it has no plans to fix bug that lets attackers bypass restrictions on auction pages and run custom JavaScript   —  eBay has no plans to fix “severe” bug that allows malware distribution  —  Clever “JSF**K” technique allows hackers to bypass eBay block of JavaScript.
Feb 3, 2016, 12:25 PMIn context
Dan Goodin / Ars Technica:
LG patches data-theft vulnerability discovered in Smart Notice, a preinstalled app on the G3 affecting an estimated 10M phones   —  LG closes data-theft hole affecting millions of G3 smartphones  —  Bug allows attackers to embed malicious code in data fed to phone.
Jan 28, 2016, 11:35 PMIn context

Sponsor Posts

Microsoft:
Helping a groundswell of citizen scientists aid the environment  —  See how Microsoft's AI for Earth program is partnering with iNaturalist to help amateur and expert scientists share data.
eero:
eero: your first line of defense against security breaches.  —  Thanks to our automatic and regular software updates as well as a number of other security measures built into our devices and software …
Mozilla:
Facebook Container Extension: Take control of how you're being tracked  —  Our Multi-Account Containers extension has been a game changer for many users, letting them manage various parts of their online life without intermingling their accounts.
Zoho:
Announcing Zoho Mail Desktop Lite Client  —  Get the best of both worlds.  —  There are times when you can't afford distractions while communicating over email.  This is especially true in the case of business emails …