WARDroid Uncovers Mobile Threats to Millions of Users Worldwide

An analysis of 10,000 mobile apps has found that a significant portion of them are open to web API hijacking – thanks to inconsistencies between app and server logic in web APIs.

Facebook Defends Against Device-Integrated APIs Policy, But Concerns Remain

Facebook is again in hot water after an article alleged it struck deals with device-makers to access users’ data.

SB18-155: Vulnerability Summary for the Week of May 28, 2018

Original release date: June 04, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities …
Read More »

Researchers Warn of Microsoft Zero-Day RCE Bug

A Microsoft Windows vulnerability enables remote attackers to execute arbitrary code – and there’s no patch yet.

Browser Side-Channel Flaw De-Anonymizes Facebook Data

An attacker can pick up the profile picture, username and the “likes” of unsuspecting visitors who find themselves landing on a malicious website.

Huawei Patches Four Server Bugs Rated High Severity

Huawei stamps out four high-severity bugs impacting 20 server models ranging from its XH, RH and CH lines.

Google Patches 34 Browser Bugs in Chrome 67, Adds Spectre Fixes

Google has rolled out its newest browser version (Chrome 67.0.3396.62) for Windows, Mac and Linux this week with new security fixes and biometric features.

Botnet Operators Team Up To Leverage IcedID, Trickbot Trojans

The botnet operators behind two infamous trojans have banded together to gouge victims in a costly scheme.

Bug In Git Opens Developer Systems Up to Attack

A serious vulnerability was patched by developers behind Git that closes the door on a flaw that could lead to arbitrary code execution on a developer’s system.

Fraudsters Claim To Hack Two Canadian Banks

Two Canadian banks reported that they may be targets of a hack after fraudsters claimed that they electronically accessed personal and account information.