March 25, 2015 Trouble at the BIOS Level: LightEater Malware Proof of Concept Shows Major Security Risk 2 min read - Two researchers at the CanSecWest conference showed how the LightEater malware could infect the BIOS in most hardware to take over systems and steal data.
Software Vulnerabilities March 25, 2015 Made for Headlines: Do Designer Vulnerabilities Compromise Security? 3 min read - As vulnerabilities are now branded with catchy names and logos, security researchers should be careful not to compromise the responsible disclosure process
March 24, 2015 Listen Up: IP Phones From Cisco Enable Eavesdropping 2 min read - IP phones from Cisco are reportedly vulnerable to remote eavesdropping, causing many businesses to be wary of using them until they are fixed.
March 17, 2015 Google Researchers Develop Exploits for DRAM Rowhammer Hardware Bug 2 min read - Security researchers at Google have found a way to reliably exploit a serious hardware bug that is present in many laptop devices.
March 14, 2015 You’ve Got Email Spoofing: Researchers Expose Flaw in Google Apps Domain Verification Process 2 min read - The discovery of a flaw in Google Apps allowing cybercriminals to conduct email spoofing through the admin console may have some early adopters concerned.
Software Vulnerabilities March 11, 2015 DroppedIn: Remotely Exploitable Vulnerability in the Dropbox SDK for Android 8 min read - IBM X-Force has discovered a vulnerability in Dropbox SDK for Android that lets attackers connect mobile apps to Dropbox accounts that they control.
Software Vulnerabilities March 6, 2015 WordPress and the GHOST Vulnerability 3 min read - WordPress and its users may be vulnerable to the recently reported GHOST vulnerability through a remote, unauthenticated attacker.
March 5, 2015 Malware May Soon Be Showing on a Blu-ray System Near You 2 min read - A researcher has demonstrated that many common Blu-ray systems may be open to malware attacks at both the software and hardware level.
Software Vulnerabilities February 28, 2015 IBM Application Security on Cloud Saves the Day 2 min read - With AppScan Mobile Analyzer, IBM found vulnerabilities in the Apache Cordova framework for mobile apps that enabled a remote drive-by exploitation attack.
February 26, 2015 Researchers: Adtrustmedia’s PrivDog Advertising Software Leaves Some Users at Risk 2 min read - PrivDog, the advertising software offered by Adtrustmedia, may be breaking SSL security in ways that compromise user security.