Google updated Chrome on Tuesday, fixing three high severity bugs in the process.
Tag Archives: Web Security
Microsoft Patches Critical Vulnerabilities in its Browsers
Microsoft released 13 security bulletins, five of which it rated critical, including separate advisories patching two dozen flaws in IE and Microsoft Edge browsers.
Adobe Patches Reader and Acrobat, Teases Upcoming Flash Update
Adobe patched its Acrobat, Reader and Digital Editions products today, and said a Flash Player update is due in the “coming days.”
Facebook Password Reset Bug Gave Hackers Access To Any Account
Researcher earns $15,000 bounty from Facebook for discovering massive password security hole exposing 1.1 billion accounts to a possible account takeover.
ISC to Patch Versions of DHCP Vulnerable to DoS
The Internet Systems Consortium (ISC) announced it is planning to patch versions of its DHCP to mitigate a denial of service vulnerability.
Espionage Malware, Watering Hole Attacks Target Diplomats
Targeted attacks using multiple attack vectors including email and watering hole sides has been discovered. The state-sponsored attacks targeted Indian diplomatic and military personnel originating from that Pakistan region, researchers said.
Threatpost News Wrap, March 4, 2016
Mike Mimoso and Chris Brook recap RSA 2016, the pervasiveness of the FBI vs. Apple debate, OpenSSL two years after Heartbleed, and why hacking back is always a bad idea.
Weak Bank Password Policies Leave 350 Million Vulnerable, Say Researchers
Researchers claim major banks are implementing poor password policies and leaving customers vulnerable to brute force “key-search” attacks.
OpenSSL Operating With Renewed Vision Two Years After Heartbleed
At the RSA Conference, nearly two years after Heartbleed, members of OpenSSL’s Development Team described some benefits the nasty bug afforded them.
DROWN Flaw Exposes 33 Percent Of HTTPS Connections To Attack
The latest Internet-wide crypto vulnerability has arrived in DROWN, which can be abused by attackers to carry out man-in-the-middle attacks and decrypt traffic.