Microsoft issues emergency update to fix critical IE flaw under active exploit

Enlarge (credit: Microsoft) Microsoft has issued an emergency update that fixes a critical Internet Explorer vulnerability that attackers are actively exploiting on the Internet. The memory-corruption flaw allows attackers to remotely execute malicious code when computers use IE to visit a booby-trapped website, Microsoft said Wednesday. Indexed as CVE-2018-8653, the flaw affects all supported versions […]

Intel CPUs fall to new hyperthreading exploit that pilfers crypto keys

Enlarge (credit: Intel) Over the past 11 months, the processors running our computers, and in some cases phones, have succumbed to a host of attacks. Bearing names such as Meltdown and Spectre, BranchScope, TLBleed, and Foreshadow, the exploits threaten to siphon some of our most sensitive secrets—say passwords or cryptographic keys—out of the silicon microarchitecture […]

New RAMpage exploit revives Rowhammer attack to root Android devices

(credit: Ron Amadeo) In late 2016, Google’s security team scrambled to fix a critical vulnerability that allowed attackers to gain unfettered root access to Android devices by using a relatively new class of exploit that manipulates data stored in memory chips. Now, 21 months later, many of the same researchers behind the attack, dubbed Drammer, […]

Three months later, a mass exploit of powerful Web servers continues

Enlarge (credit: Malwarebytes) More than 115,000 websites—many run by major universities, government organizations, and media companies—remained wide open to hacker takeovers because they hadn’t installed critical patches released 10 weeks ago, security researcher Troy Mursch said Monday. A separate researcher reported on Tuesday that many of the sites were already compromised and were being used […]

That mega-vulnerability Cisco dropped is now under exploit

Enlarge (credit: Cisco) Hackers are actively trying to exploit a high-severity vulnerability in widely used Cisco networking software that can give complete control over protected networks and access to all traffic passing over them, the company has warned. When Cisco officials disclosed the bug last week in a range of Adaptive Security Appliance products, they […]

Mac exploit lets you change App Store preferences with any password

Apple’s Mac password troubles aren’t over yet. Users have discovered that it’s possible to change Mac App Store preferences in macOS High Sierra using any password. You do need to login as an administrator, which is supposed to unlock preferences, but you’re allowed to use any password you like if the preference is locked and […]

Amazon Echo and Google Home were vulnerable to Bluetooth exploit

Back in September, Bluetooth-connected device owners got a little scare when security firm Armis disclosed a new hack exploit known as BlueBorne. In theory, bad actors could target smartphones, tablets and such using specific vectors in Bluetooth connectivity. Armis had informed Apple, Microsoft and Google months before and they patched up the vulnerabilities ahead of […]

Rafael Nadal has WEAKNESS I will try to exploit – David Goffin makes confident claim

Goffin met Nadal twice in the 2017 season, both times on Clay in Spain and Monte Carlo respectively and the Belgian lost both matches in straight sets. The 26-year-old almost didn’t make the season-ending tournament in London after twisting his ankle at the French Open which kept him out of Wimbledon as well. But titles […]

Russia’s ‘Fancy Bear’ Hackers Exploit a Microsoft Office Flaw—and NYC Terrorism Fears

Kremlin hackers are adapting their phishing tactics with both the latest software vulnerabilities and the latest news, new McAfee findings show. Feed: All Latest