Google’s first Android Security Report puts some hard data behind the effectiveness of the security enhancements it has put into the OS.
Tag Archives: Vulnerabilities
Google Awards $5k Bounty for YouTube Video Delete Bug
A Russian security researcher discovered that he could delete any video on YouTube by sending a simple POST request in YouTube’s Creator Studio.
Students Build Open Source Web-Based Threat Modeling Tool
Students at St. Mary’s University in Canada released to open source a web-based threat modeling tool called Seasponge that they hope will provide an alternative to Microsoft’s free tool.
Multicast DNS Vulnerability Could Lead to DDOS Amplification Attacks
DHS warned of a serious vulnerability in Multicast DNS devices whereby leaked system information could be leveraged in a DDoS amplification attack.
Mozilla Adds Opportunistic Encryption for HTTP in Firefox 37
Mozilla has released Firefox 37, and along with the promised addition of the OneCRL certificate revocation list, the company has included a feature that enables opportunistic encryption on connections for servers that don’t support HTTPS. The new feature gives users a new defense against some forms of monitoring and doesn’t require any setup from users. When […]
MongoDB Patches Remote Denial-of-Service Vulnerability
Popular NoSQL database MongoDB has released an update that patches a critical denial-of-service vulnerability.
eBay Fixes File Upload and Patch Disclosure Bugs
eBay has fixed a pair of security vulnerabilities in its site that could enable attackers to upload executable files disguised as benign file types, construct full path URLs and then point victims to them through drive-by download attacks. The first bug resulted from the failure of an eBay page to check the headers of image files uploaded by […]
Hotel Internet Gateways Patched Against Remote Exploit
A critical vulnerability in a popular hotel and convention center Internet gateway from AntLabs called InnGate has been patched. The flaw allows attackers read and write access to the devices from the Internet.
MIT Researchers Debut Debugger for Integer Overflows
Students from M.I.T. have devised a new way to scour raw code for integer overflows.
Denial of Service and Memory Vulnerabilities Patched in Cisco IOS
Cisco released its semiannual set of patches for its Cisco IOS router and switch operating system. The patches address 16 vulnerabilities.