Graphics chip maker Nvidia released a new version of its Unix driver on Friday in order to address a high-risk vulnerability that can be exploited by local users to gain root privileges on Linux systems. The privilege escalation ...
Tags: graphics chip, Nvidia, Unix driver, high risk vulnerability
Criminals are sending malicious emails that purport to come from payroll services firms in order to infect with malware the computers of payroll administrators from various companies, according to researchers from the SANS Internet Storm ...
Tags: criminals, malicious emails, payroll services firms, ISC
Google today announced it had wrapped up work on a stronger Flash sandbox in the Windows version of Chrome, and would soon ship the same for its OS X browser. Chrome 21, which launched July 31, completed efforts to ditch the aged NPAPI ...
Tags: Google, stronger Flash sandbox, Windows version, Chrome
Millions of subscribers to Virgin Mobile's services in the United States are wide open to account hijacking because of the insecure manner in which the company authenticates users to their online accounts, an independent software developer ...
Tags: subscribers, Virgin Mobile's services, account hijacking, online accounts
A researcher scored again against Oracles database by demonstrating at the Black Hat security conference Thursday an exploit that would allow him to take control as an administrator. David Litchfield, a researcher at Accuvant Labs, demoed ...
Tags: Oracles database, Black Hat, security conference, David Litchfield
Adobe plans in February to close a dangerous hole in its Shockwave application that causes the application to be downgraded when a user launches older multimedia content, allowing hackers to target years-old vulnerabilities. The U.S. ...
Tags: Adobe, 2-Year-Old Shockwave, software
Germany's cybersecurity agency on Monday urged users to drop Internet Explorer (IE) and switch to a rival, like Chrome or Firefox, until Microsoft patches a new critical bug in its browser. In an alert released Monday, Germany's Federal ...
Tags: Germany, cybersecurity agency, IE, users
Dutch security researchers hacked an iPhone 4S on Wednesday, showing how a malicious webpage can send all pictures, address book data and browsing history on the phone to a server of the attacker's choice. As participants in the Mobile ...
Tags: Dutch, security researchers, iPhone 4S, Mobile Pwn2Own competition
Attackers can abuse Facebook's phone search feature to find valid phone numbers and the names of their owners, according to security researchers. The attack is possible because Facebook doesn't limit the number of phone number searches ...
Tags: Facebook, phone search feature, valid phone numbers, security researchers
Microsoft today announced it will deliver seven security updates, one critical, to patch 20 vulnerabilities in Office, SharePoint Server, SQL Server, Windows and other parts of its product lineup. "It looks like an Office month," said ...
Tags: Microsoft, security updates, vulnerabilities, Office, SharePoint Server
CoDeSys, a piece of software running on industrial control systems (ICS) from over 200 vendors contains a vulnerability that allows potential attackers to execute sensitive commands on the vulnerable devices without the need for ...
Tags: Digital Bond, Flaw, patch, vulnerability, control systems
Over half of Android devices are vulnerable to known security flaws that can be exploited by malicious applications to gain complete access to the operating system and the data stored on it, according to a report from mobile security firm ...
Tags: Android, applications, critical, devices, vulnerabilities
Amazon Web Services has submitted an entry to the Cloud Security Alliance's Security, Trust & Assurance Registry (STAR), a move that sheds some light into the security features of its IaaS cloud offering. The CSA launched its STAR program ...
Tags: Amazon Web Services, Cloud Security, STAR, CSA
Approximately 3.6 million Social Security numbers and 387,000 credit and debit card numbers belonging to South Carolina taxpayers were exposed after a server at the state’s Department of Revenue was breached by an international ...
Tags: credit cards, Data leak, protection, security breach, Social securtiy
Adobe Systems released fixes on Tuesday for six critical vulnerabilities affecting its Flash multimedia application and AIR runtime, five of which could allow for remote code execution on a system. The updates affect Windows, Macintosh, ...
Tags: Adobe Systems, critical vulnerabilities, Flash multimedia app