On Tuesday, security research firm Checkpoint announced that its team had discovered a new vulnerability in numerous media players that allows a hacker to take full control of any device when a malicious subtitle file is used. The firm estimates 200 million people are potentially at risk.
As scary as Heartbleed was this past spring, it looks like virtually every Microsoft Windows user is in for a little deja vu. Microsoft just released a critical patch for a huge server vulnerability—one that affects quite a few current versions of Windows out there.
If you use TweetDeck in any capacity, you're probably aware of a nasty little bug that was running rampant around TweetDeck's hallowed columns yesterday afternoon. But what, exactly, was causing all the retweeted trouble? Computerphile's Tom Scott breaks it down.
According to a confirmation by Microsoft late last night, a new zero day vulnerability has been found to affect every version of Internet Explorer. In other words—over a quarter of the entire browser market.
Khalil, a Palestinian white hat hacker, submitted bug reports to Facebook about a vulnerability that allowed him to post on anyone's wall. But Facebook's security team didn't do anything. So Khalil wrote on Mark Zuckerberg’s wall about it and was generally a badass.
With the NSA leaks going full force it probably won't sound like news at all that a German cryptographer claims to have hacked a SIM card. But that's never been done before (as far as we know . . .) so it's kind of a big deal, and shows that millions of phones are potentially vulnerable.
Over the weekend it was revealed that some extremely popular HTC Android phones (including the EVO, EVO 3D and 4G, and the Thunderbolt) have a gaping security hole which would allow 3rd-party apps access to all of your info. Oops?
Remember those cyber attacks on several companies which somehow led to Google refusing to continue censoring searches in China? According to antivirus maker McAfee, Internet Explorer security flaws are one of the key culprits for what's now called "Operation Aurora."