Apple fixes wireless-based remote code execution flaw in iOS
Apple fixed a serious vulnerability that could allow attackers to remotely execute malicious code on the Broadcom Wi-Fi chips used in iPhones, iPads, and iPods.
Stories by Lucian Constantin
A free decryption tool is now available for all Bart ransomware versions
Antivirus vendor Bitdefender has released a free decryption tool that works for any files affected by the Bart ransomware.
UEFI flaws can be exploited to install highly persistent ransomware
A team of researchers from security vendor Cylance demonstrated a proof-of-concept ransomware program that ran inside a motherboard's Unified Extensible Firmware Interface (UEFI).
Google's Android hacking contest fails to attract exploits
Google offered to pay US$200,000 to any researcher who could remotely hack into an Android device by knowing only the victim's phone number and email address, but no one stepped up to the challenge for six months.
Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server
A proof-of-concept exploit has been published for a zero-day vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported.
Open-source developers targeted in sophisticated malware attack
Developers who publish their code on GitHub have been targeted in an attack campaign that uses a little known but potent cyberespionage malware.
VMware patches critical virtual machine escape flaws
VMware has released critical security patches for vulnerabilities demonstrated during the recent Pwn2Own hacking contest that could be exploited to escape from the isolation of virtual machines.
Trojan source code leak poised to spur new online banking attacks
The source code for a new banking Trojan has been published online, offering an easy way for unskilled cybercriminals to launch potent malware attacks against users.
LastPass is scrambling to fix another serious vulnerability
Developers of the popular LastPass password manager are working to fix a serious vulnerability that could allow malicious websites to steal user passwords or to infect computers with malware.
Apple: Macs and iPhones are safe from newly revealed CIA exploits
The Mac and iPhone exploits described in new documents attributed to the U.S. Central Intelligence Agency were patched years ago, according to Apple.
To punish Symantec, Google may distrust a third of the web's SSL certificates
Google plans to remove the extended validation (EV) status of any such certificates issued by Symantec and to force the company to replace all of its customers' certificates.
Leaked iCloud credentials obtained from third parties, Apple says
The iCloud credentials that the Turkish Crime Family hacker group claims to have weren't obtained through a breach of the Apple's services.
Wikileaks documents show CIA's Mac and iPhone compromises
The U.S. CIA has had tools to infect Apple Mac computers by connecting malicious Thunderbolt Ethernet adapters to them since 2012, according to new documents purported to be from the agency and published by WikiLeaks.
LastPass fixes serious password leak vulnerabilities
Developers of the popular LastPass password manager rushed to push out a fix to solve a serious vulnerability that could have allowed attackers to steal users' passwords or execute malicious code on their computers.
Hackers threaten to wipe millions of Apple devices, demand ransom
A group of hackers is threatening to wipe millions of iOS devices in two weeks if Apple doesn't pay them US$150,000.