Continue Reading

Report Highlights Scary New iOS Exploit via iMessage, Putting iPhone Security at Risk

Digital security firm Kaspersky has posted information about a recent cyberattack that targeted the iPhones of Kaspersky employees, which were infected with spyware that is part of a campaign the company dubbed, “Operation Triangulation.”

lifelock vulnerability padlock
Continue Reading

LifeLock Data Unlocked: LifeLock Exposes Millions of Email Addresses for the Taking

Oh, the irony! Identity theft protection service LifeLock has exposed millions of their customers’ email addresses. And according to Krebs on Security, the exploitable vulnerability was so basic that it seems “that whoever put it together lacked a basic understanding of Web site authentication and security”!

glibc security flaw vulnerability dns
Continue Reading

The getaddrinfo Vulnerability that Has Everyone Freaking Out Explained

By now you have probably heard about the enormous security flaw that was recently discovered that, experts say, left thousands of applications and devices vulnerable to remote attacks and control. It is a flaw that has been around since 2009, and has the potential to affect any server that is running any post-2008 version of the Gnu C open source library called glibc. It is the function getaddrinfo() within the glibc library that has the flaw, and it is so widely distributed that it is impossible to estimate just how many applications and hardware installs are running the flawed versions (of which there are at least 7 main version and dozens of incremental update versions).

microsoft windows bug
Continue Reading

Urgent Microsoft Vulnerability Update Patch for All Versions of Windows

Microsoft has released a critical update to patch a “privately reported” Microsoft Secure Channel (“Schannel”) vulnerability which affects all current versions of Windows and Windows Server. Says Microsoft, “This security update resolves a privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows.”

zombie reaching
Continue Reading

Microsoft Intentionally Failing to Patch Critical Vulnerability in Explorer IE 8

The Zero Day Initiative (ZDI) has revealed a critical vulnerability in Microsoft Explorer 8 (IE 8) that Microsoft was first alerted to more than 7 months ago, and never bothered to issue a patch for or to fix. Here’s the scoop, and what to do to protect yourself from the CVE-2014-1770 vulnerability.

The Internet Patrol default featured image
Continue Reading

Microsoft Issues Security Advisory for Security Hole in IE6 and IE7

Microsoft has issued a security advisory (#981374) for a vulnerability in Internet Explorer 6 (IE 6) and Internet Explorer 7 (IE 7) that could allow someone to remotely execute code on your PC – that is, to remotely operate your computer.