The Heartbleed Bug

Monday, April 7th, 2014

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging ...

Zero-day vulnerability in Microsoft Word under active attack

Monday, March 24th, 2014

Attackers are exploiting a newly discovered vulnerability in Microsoft Word that makes it possible to remotely seize control of computers, the company warned. The in-the-wild attacks work by creating booby-trapped documents in the Rich Text Format (RTF) that exploit a vulnerability in the 2010 version of Microsoft Word, Microsoft warned in ...

WPA2 wireless security cracked

Friday, March 21st, 2014

There are various ways to protect a wireless network. Some are generally considered to be more secure than others. Some, such as WEP (Wired Equivalent Privacy), were broken several years ago and are not recommended as a way to keep intruders away from private networks. Now, a new study published ...

All major browsers fall during second day at Pwn2Own hacking contest

Friday, March 14th, 2014

Security researchers demonstrated zero-day exploits against Google Chrome, Microsoft Internet Explorer, Apple Safari, Mozilla Firefox and Adobe Flash Player during the second day of the Pwn2Own hacking competition Thursday, racking up total prizes of US$450,000. A team from French vulnerability research firm Vupen hacked Google Chrome by exploiting a use-after-free vulnerability ...

Major security flaw threatens Linux users

Wednesday, March 5th, 2014

A source code mistake in the GnuTLS library an open-source software building block used in a large number of different Linux distributions to handle secure Internet connections could prove a serious threat to the privacy of Linux users, as developers rush to patch the vulnerability. Nikos Mavrogiannopolous, the developer of GnuTLS, ...