IBM researchers discovered three vulnerabilities in Cisco's Webex that allowed attackers to join meetings without being detected, even after being expelled. The bugs have now been fixed.
Apple has kicked off a new security research program that will provide specialized devices to bug hunters to make it easier for them to identify issues in iOS. Devices will be limited initially.
Mozilla has released Firefox 74.0.1 which includes patches for two zero-day vulnerabilities that are actively being exploited in the wild. The vulnerabilities allow hackers to run code on systems.
Researchers discovered security flaws in the immensely popular social media application that would have allowed hackers to access users' personal data and manipulate the content on their accounts.
A fair few bits of news surfaced this past week, including the cancellation of Minecraft's Super Duper Graphics Pack, the arrival of this month's Patch Tuesday, and more. catch up below.
The hard times for Intel may not be over yet, as sources say that the promised silicon-level fix for the Spectre and Meltdown vulnerabilities may not protect from the variant discovered this week.
Intel has been taking the brunt of the consumer backlash over the Spectre and Meltdown vulnerabilities found in its CPUs, but AMD is also starting to take some heat in the form of legal action.
A recent report by The Wall Street Journal states that according to sources, Intel did not warn the U.S. Government of the Meltdown and Spectre vulnerabilities, but did inform Chinese tech giants.
A new lawsuit filed in the United States claims malfeasance on the smartphone maker's part by not informing its users of the existence of these processor vulnerabilities at an earlier date.
AMD has maintained that its processors are immune to Meltdown and that its chip architecture made it likely that Spectre posed zero risk. However, it is still issuing updates to mitigate risk.
Intel has been battered by the revelation of vulnerabilities in its chips. For his part, CEO Brian Krzanich has owned up to the company's missteps, and now offers an open letter to the tech community.
Google has quickly updated most of its hardware to help mitigate against the Meltdown and Spectre security holes, but if you have questions about your Chromebook, you can find out its update status.
Users of the Ubuntu are also reporting issues with the patches aimed at mitigating the Meltdown and Spectre CPU exploits, with some systems having boot-up issues after installation.
Hardware and software makers continue to deal with the potential problems caused by processor vulnerabilities Meltdown and Spectre. Nvidia is the latest to do so, with updates for its SoCs and GPUs.
The new security updates are designed purely to help make it tougher for hackers to utilize the Spectre vulnerability found is all processors. Apple released an update for Safari 11.0.2, as well.
Intel has been getting battered from all sides because of the Meltdown and Spectre flaws found in its chips. While other chip designs face the same Spectre issues, Torvalds chose to target Intel.
Welcome to a new column that rounds up the news of the week out of Redmond. For the week of December 30 to January 5, we have chip vulnerabilities that needed attention and some problems for Cortana.
Singapore is currently taking feedback on a new cybersecurity bill which will require ethical hackers to be licensed before undertaking their work. The law could benefit both hackers and companies.
Four major security flaws, collectively dubbed 'QuadRooter', have left around 900 million Android devices with Qualcomm chipsets - including many of the latest flagships - vulnerable to attack.
Chrome 51 was recently added to the stable channel with numerous bug fixes and the company has now revealed the list of vulnerabilities reported by external researchers along with the amount paid out.
According to a database run by the U.S. government, the number of disclosed and fixed vulnerabilities by product was led by OS X, iOS and Flash, with Android at #20 and Windows at #14.
Security researchers have showcased the hazards of having an unpatched BIOS using a proof of concept malware called "LightEater" at a recent information security conference in Canada.
In an open letter, Lenovo CTO Peter Hortensius said the company is in the midst of developing a concrete plan to address software vulnerabilities, which will be announced later in the week.
It's that "time of the month" for Windows where patches get applied to plug vulnerabilities found in the OS. This time around eight were delivered and none affecting Internet Explorer.
Open source encryption application TrueCrypt has been audited for potential security flaws and has been found to contain some vulnerabilities but no backdoors which could be used to spy on users.
Pwn2Own inches closer and closer to having a million dollar event payout as the famed competition continues to grow in popularity and participation.
Microsoft has announced a 'bounty program' for people who find exploits inside Windows 8.1, with up to $100,000 offered, plus rewards for finding vulnerabilities in the Internet Explorer 11 preview.
More vulnerabilities have been found after Stuxnet infected Iranian programmable logic controllers designed by Siemens.
If you were counting on WebGL support in upcoming versions of Internet Explorer, you're out of luck for now. Microsoft made the decision to not support WebGL in its current form due to serious security...
Microsoft has issued an advanced notification for their last Patch Tuesday of the year, with a whopping 17 bulletins and 40 vulnerabilities. Out of the 17 bulletins, two are marked as "critical", Microsoft's highest security...
As expected, yesterday Microsoft rolled out five "critical" and three "important" patches for Windows Server 2008, Vista, Office, Internet Explorer and other software as part of its regularly scheduled Patch Tuesday release. The eight-patch rollout...
The latest Month of Bugs project, Month of ActiveX Bugs (MoAxB) started up on May 1 and has already found two critical flaws. First off, Microsoft's ActiveX controls, used to make Web pages richer and...
This week, Mozilla patched seven vulnerabilities with the latest security update, available both with automatic updates and manual download from the company's website, for Firefox 220.127.116.11 and Firefox 18.104.22.168. The security update was originally slated...
A month-long campaign by two independent security researchers to disclose security flaws in Apple Inc.'s products has so far resulted in 10 vulnerabilities being publicly disclosed -- and several more on the verge of being...
As part of its monthly security update cycle, Microsoft on Tuesday released a dozen security bulletins. Nine of them are tagged critical, the company's highest severity rating. The alerts give details of 20 flaws in...
Intel has issued patches for three vulnerabilities for its wireless hardware and software. Two problems affect certain versions of its Pro/Wireless Network Connection Hardware, part of its Centrino mobile platform, Intel said. The vulnerabilities lie...
Cisco Wednesday revealed details on two vulnerabilities that could enable remote attackers to gain unauthorized administrative access to wireless LANs. The first affects Cisco's Wireless Control System (WCS), an application for managing lightweight access points...
The volume of security vulnerabilities discovered in Apple's Macintosh platform has increased significantly over the last several years, according to a new report released by McAfee's Avert Labs. The security software maker contends that...
Apple has issued a security update to patch a potential vulnerability within Java affecting Mac OS X 10.4.5. A specially crafted application could bypass built-in security and allow access to system files by an intruder....
The United States Computer EmergencyReadiness Team (US-CERT) has released it's 2005 year-end index of softwarevulnerabilities. This list includes vulnerabilities that were identifiedbetween January 2005 and December 2005 and covers all types of softwareincluding operating systems....