Cryptocat Users Warned of Vulnerability That Allows Hackers to Crack Chats: In case you’re using an older variant of Cryptocat, you are advised to update your installation immediately. Crypto expert Steve Thomas claims to have identified a vulnerability that exposes all Cryptocat chats from the period between October 17, 2011, and June 15, 2013. He has […]

Android flaw allows hackers to surreptitiously modify apps: Researchers said they’ve uncovered a security vulnerability that could allow attackers to take full control of smartphones running Google’s Android mobile operating system. The weakness involves the way legitimate Android applications are cryptographically signed to ensure they haven’t been modified by parties other than the trusted developer, according […]

Newly launched underground market service harvests mobile phone numbers on demand: In May of 2012, we highlighted the increasing public availability of managed SMS spam services that can send hundreds of thousands of SMS messages across multiple verticals. These services are assisted through the use of proprietary or publicly obtainable phone number harvesting and verifying DIY applications. In this […]

Anatomy of a buffer overflow – learning from Apple’s latest security update: Apple has released its latest Security Update for OS X. Dubbed simply 2013-003, the update fixes a trifecta of memory corruption bugs in QuickTime caused by buffer overflows. Technically, one of the bugs is listed as a buffer underflow, which is just a buffer overflow […]

Pony botnet plunders 650,000 web logins in days: Security firm Trustwave has discovered a Russian command and control server for the Pony botnet that has managed to plunder the web credentials of 650,000 victims in a matter of days. The bot’s purpose is to compromise the PCs of its victims, keylogging their account names and passwords, […]

France revealed to be spying on its citizens’ phone calls, email and social media: France’s external intelligence agency spies on the French public’s phone calls, emails and social media activity in France and abroad, the daily Le Monde said on Thursday. It said the DGSE intercepted signals from computers and telephones in France, and between France […]

‘Restore The 4th’ galvanizes over 100 nation-wide protests against NSA, PRISM, and government spying: “Stop the surveillance! Restore the fourth amendment!”. It’s the largest online protest since SOPA. And perhaps an even larger offline protest, as protestors galvanized by the Restore the Fourth movement are using Independence Day to demand their government stop spying on them. […]

EU Parliament Urges Blocking U.S. Data Access After Spy Leaks: The European Parliament called on Thursday for the scrapping of two agreements granting the United States access to European financial and travel data unless Washington reveals the extent of its electronic spying operations in Europe. A non-binding resolution, passed by 483 votes to 98 with 65 […]

IPMI Vulnerabilities on BMCs expose servers to attack: Baseboard management controllers, embedded computers present in most servers, are vulnerable to a half dozen critical vulnerabilities that could enable an attacker to gain remote control over the host machine. The vulnerabilities are in the Intelligent Platform Management Interface (IPMI) protocol specification that describes how BMCs communicate locally […]

Cops shouldn’t have easy access to 220+ days of cell location data, lawyers say: The case dates back to February 5, 2011, when two men robbed a Burger King and a McDonald’s in Baltimore—10 minutes later, they were caught and cuffed by Baltimore City Police officers. Eventually, Aaron Graham and Eric Jordan were charged with 17 […]