bug

Tue
28
May
John Lister's picture

Ransomware Attack Linked to NSA Breach

The National Security Agency (NSA) is refusing to comment on claims a tool it developed has been used in a ransomware attack on the Baltimore city government. The New York Times says the attackers used a tool called "EternalBlue." The attackers have ... encrypted Baltimore government systems and demanded between $76,000 and $114,440 (depending on the account) to restore access. Officials have refused to pay and used workarounds including some manual processing of files and switching to Gmail for internal communications. It seems the attack was carried out using EternalBlue, which is ... (view more)

Wed
27
Mar
John Lister's picture

Apple Devices Need 51 Important Security Updates

Apple has released a patch for mobile devices which covers 51 security flaws. It's sparked debate over Apple's security levels and the way it issues such updates. The patch is for iOS, taking it up to version 12.2. Apple doesn't issue standalone ... security updates. Instead, it builds it into the main update for the system, which also includes new features or bug fixes. (Source: apple.com ) The most notable fix is a bug in an API (application program interface), which lets third party software interact with Apple services. In this case, the API bug could allow malware to access an iPhone, iPad ... (view more)

Wed
20
Mar
John Lister's picture

Report: Microsoft Bugs 'Most Exploited' by Hackers

According to a recent report, Microsoft products made up eight of the ten most exploited software bugs last year according to a security company. That's higher than in recent years, largely because Adobe Flash is becoming a less rewarding target for ... hackers as it loses popularity. As recently as 2015, most of the top ten involved bugs with Flash. Microsoft took the unwanted lead in 2017 with seven entries on the list. (Source: bleepingcomputer.com ) Internet Explorer Tops The List The top spot for 2018 went to a bug in the Windows VBScript engine . That's a tool that handles code designed for ... (view more)

Thu
07
Feb
John Lister's picture

Security Researcher Refuses to Share Bug with Apple

A security researcher says he's found a major security flaw in the Mac's password storage tool. But he's refusing to publish the details as a protest against Apple's "bug bounty" program. Linuz Henze has produced a video showing what he calls an ... exploit of the Keychain feature in MacOS Mojave, the current edition of the operating system for Mac computers. Keychain is an application on Macs that lets users save passwords for online accounts and digital certificates so that they don't have to type them in again. Users can also open Keychain and access a full list of passwords. Normally every ... (view more)

Wed
14
Nov
John Lister's picture

MS: Win10 Bugs Fixed; October Update Rolls Out Again

Microsoft has begun rolling out the October 2018 update for Windows 10 for a second time. It doesn't take a much of a look at the calendar to reveal that things went very badly . The release is one of the twice-yearly updates that replace the old ... model of having small updates every month and then a completely new edition of Windows every few years. The October update had a variety of problems including: Key document folders being irretrievable deleted in some cases if they weren't stored in the default disk location. Some computers being completely silenced after the update rolled out an ... (view more)

Wed
26
Sep
John Lister's picture

Firefox Download Bug Could Crash Windows

A security researcher has found a way to crash the Firefox browser and even Windows itself. Sabri Haddouche has demonstrated the technique to highlight the risk that it could be misused. The bug is shown off at Haddouche's site Browser Reaper, which ... he created to chart his interest in denial of service attacks. Normally such attacks involve flooding a website with bogus visits until it is overloaded and becomes unavailable to ordinary users. However, Haddouche has been exploring the technique from the other perspective: forcing a browser to deal with so much traffic that it crashes. Epic Name ... (view more)

Wed
23
May
John Lister's picture

Microsoft: New Processor Bug Could Leak Data

Both Microsoft and Google are warning of another bug in computer processors. It's similar to previous bugs known as 'Spectre' and 'Meltdown'. For now the new issue has the less dramatic codenames 'Speculative Store Bypass Variant 4' and ... 'CVE-2018-3639'. As with Spectre and Meltdown , it involves a processor function known as speculative execution that's meant to improve computation processes. Unlike some bugs, it's classed as a low risk to users but is significant because of the sheer number of computers that could be affected. The processor is the part of the computer that physically carries ... (view more)

Tue
20
Feb
John Lister's picture

Google Exposes Unfixed Microsoft Edge Security Flaw

Google has revealed a security flaw with the Microsoft Edge browser before Microsoft released a patch. It's a controversial move with arguments across both the tech and security industries. The flaw in question is somewhat complicated. In very ... simplified terms, the flaw is to do with how Microsoft Edge converts website code into what users see on their computer screen when visiting a website. Google realized that it could work out precisely when the browser would access part of the computer's memory and use this knowledge to effectively set a booby trap. That could then force the computer to ... (view more)

Thu
30
Nov
John Lister's picture

'Spectacular' Apple Flaw Left Macs Wide Open for Attack

Apple has been forced to fix a major security flaw in the latest edition of the Mac operating system. The fix makes it far easier for a thief to access a computer's files. The bug is in MacOS High Sierra, which was released two months ago. It's ... widely used as its compatible with most Mac computers released in the past eight years or so. The problem is with root access on the system. That's the highest level of access, giving complete control of the computer and even the opportunity to alter key system files. Normally only the most confident users would enable root access (which then acts a ... (view more)

Thu
12
Oct
John Lister's picture

T-Mobile Bug Revealed Email Address, Name, and More

T-Mobile has fixed a bug that let hackers get sensitive personal data just by using a phone number. In theory, it could have been possible to collect details on all the company's customers, though T-Mobile denies this. The problem was discovered by ... Karan Saini, a security researcher who discussed the problem with the Motherboard Vice website. The site then approached T-Mobile about the problem. It said "we were alerted to an issue that we investigated and fully resolved in less than 24 hours. There is no indication that it was shared more broadly." (Source: vice.com ) The bug had to do with T ... (view more)

Pages

Subscribe to RSS - bug