Researchers in Europe have published research examining weak, homegrown cryptography used in the Open Smart Grid Protocol.
Tag Archives: Web Security
Cisco Patches Remote Code Execution Bugs in UCS Central
Cisco has patched a critical input validation vulnerability in its UCS Central software.
Appeals Court Rules NSA Metadata Collection Not Authorized by Section 215
The United States Court of Appeals for the Second Circuit ruled Thursday that the Patriot Act does not authorize the bulk collection of phone records by the NSA. The ruling undermines the key foundation upon which the federal government’s phone metadata surveillance program is built, Section 215 of the Patriot Act. That program was the […]
Apple Fixes WebKit Vulnerabilities in Safari Browser
Apple has issued a series of bulletins for its Safari browser fixing various security vulnerabilities in its WebKit rendering engine.
Lenovo Patches Vulnerabilities in System Update Service
IOActive researchers disclosed details on three patched vulnerabilities in Lenovo’s System Update mechanism.
Patch Tuesday Facelift End of an Era
Microsoft’s introduction of Windows Update for Business puts an end to Patch Tuesday security updates as we know them.
Google Research Reveals Profitable, Pervasive Ad Injector Ecosystem
More than five percent of all unique IP addresses accessing Google sites included some kind of ad injector software, and there are more than 50,000 of those injector browser extensions in use today, according to new research from Google.
ICU Project Overflow Vulnerabilities Patched
Buffer and integer overflow vulnerabilities have been patched in the ICU Project ICU4C library, used in hundreds of open source and enterprise software packages.
Usbkill Script Can Render Computers Useless
The idea of needing to disable a computer quickly as the police–or another potential adversary–comes through the door typically has been the concern of criminals. But in today’s climate activists, journalists, and others may find themselves wanting to make their laptops unusable in short order, and that’s where usbkill comes in. The new tool is a […]
Netflix Releases FIDO Incident Response Tool
Engineers at Netflix have released another one of the company’s bespoke security tools as an open-source application, this time an incident-response system known as FIDO. The tool is designed to help automate the process of incident response, and specifically it acts as a new layer that helps tie together existing applications by evaluating and assessing […]