Anatomy of a bug: Battlefield: Play4Free hole allows dodgy updates to go unnoticed
A pair of Maltese vulnerability researchers have found a security hole in Battlefield: Play4Free from digital games giant EA. The vulnerability abuses the fact that different versions of Windows deal differently with erroneous input to the function used to start new processes. more…JPMorgan Chase glitch displays customers as zero
Customers of JPMorgan Chase reported seeing zero balances in their accounts both online and on mobile, and speculated that the bank’s systems had been hacked into. The bank however clarified late Monday that it was having a technology problem regarding customers’ balance information that it was working to resolve. Tags: JPMorgan Industry News more…Hackers open up offline play, modding tools for SimCity
EA and Maxis’ claim that it would take “significant engineering work” to make a workable offline version of SimCity took another hit today. Hackers have released modding tools that disable the game’s periodic server checks without breaking the simulation. The tools also unlock other features not in the final game. Tags: Games Hackers more…Google Play: Potentially Unwanted
Google Play has a problem — and it isn’t malware. Depending on location, Potentially Unwanted Applications (PUA) can be rather difficult to avoid. Here’s a screenshot of User Reviews from a “weather widget” application: In English (both U.S. and U.K.), there are eight user reviews. Just eight. Even if you click on a link to […] more…Flash: Click to Play
Adobe released several security updates for its Flash Player during February. Security bulletin APSB13-04: “Adobe is also aware of reports that CVE-2013-0634 is being exploited in the wild in attacks delivered via malicious Flash (SWF) content hosted on websites that target Flash Player in Firefox or Safari on the Macintosh platform, as well as attacks […] more…Team GhostShell Leader Details the Tricks He Played on Law Enforcement Agencies
After leaking millions of pieces of information from the systems of organizations from all over the world, Team GhostShell has become the target of several law enforcement agencies. In an interview we’ve had with DeadMellox, the leader of the group, he has detailed some of his encounters with the authorities. DeadMellox says he’s taking a […] more…Adobe tells users to update Flash Player for the third time this month
Adobe tells computer users to protect themselves against “targeted attacks” that are being “exploited in the wild”. And that means patching Adobe Flash. Again. more…Inside the PlayStation 4: A balanced approach to building a game console
By the time Sony unveiled the PlayStation 4 at last night’s press conference, the rumor mill had already basically told us what the console would be made of inside the (as-yet-nonexistent) box: an x86 processor and GPU from AMD and lots of memory. Tags: Sony PS4 Hardware more…Crazy like a fox? McAfee admits to playing the ‘crazy card’
The recent actions of security software icon John McAfee may have seemed off kilter, but he now says that at least some of that was a ruse. McAfee, speaking with ABC News after arriving in the U.S., said he faked illness to avoid being sent back to Belize from Guatemala. He also thanked the media […] more…Google Play privacy SNAFU sends app buyers’ details to devs
Dan Nolan, an Australian software developer, has claimed that Google Play sends those who sell apps in the online bazaar personal details of app buyers. Nolan rose to notoriety late in 2012 by launching “The Paul Keating Insult Generator”. Keating was Prime Minister of Australia between 1991 and 1996 and had a famously acid tongue. […] more…Adobe releases patches for Flash Player and Shockwave Player
Adobe released security updates for Flash Player and Shockwave Player on Tuesday in order to address a total of 19 vulnerabilities affecting the two products. read more more…DaVinci surveillance malware distributed via zero-day Flash Player exploit, researchers say
Political activists from the Middle East were targeted in attacks that exploited a previously unknown Flash Player vulnerability to install a so-called lawful interception program designed for law enforcement use, security researchers from antivirus vendor Kaspersky Lab said Tuesday. read more more…Adobe Flash Player 0-day and HackingTeam’s Remote Control System
Last week, Adobe released a patch for a vulnerability in Flash Player that was being exploited in targeted attacks. Before reading any further, we recommend you to take a moment make sure you apply this patch. Adobe offers this nifty tool to check that you have the latest version of Flash Player. If you are […] more…Zero-Day Vulnerabilities Found in Adobe Flash Player
Adobe released an out-of-band update for two critical zero-day vulnerabilities just a few days in advance to its regular monthly patch cycle. The Buffer overflow vulnerability (CVE-2013-0633), which exists in Flash Player can lead to remote code execution or denial of service conditions when exploited. This vulnerability, which has been exploited in the wild, targets […] more…Update: Flash Player Exploit Targeting Macs and Windows
On Monday, we speculated that recent Java exploits may have been used to hack the Macs of Twitter employees. And today there’s a Flash Player update, and Adobe reports the patched vulnerabilities are being exploited in the wild. CVE-2013-0634 affects Flash Player for Firefox and Safari for Mac. What organizations have been targeted? Adobe doesn’t […] more…Adobe Flash Player CVE-2013-0634 Remote Memory Corruption Vulnerability
Type: Vulnerability. Adobe Flash Player is prone to a remote memory-corruption vulnerability; fixes are available. more…More information
- New ‘Evil’ WiFi Could Result In Bricked iPhones/iPads
- World’s first 1,000-processor chip
- A hacker turned an old Nokia phone into a smartwatch
- Safeguarding Sensitive Data in the Cloud and Virtual Datacenters
- Venezuela’s Maduro Says Cyber Attack Prevented Power Restoration
- When paying taxes, don’t pay twice
- RDP Servers Can Hack Client Devices: Researchers
- PhishMe Raises $42.5 Million in Series C Funding
- Arista adds security to cloud software
- Russian Hackers Target Industrial Systems in North America, Europe