Security Alerts & News
by Tymoteusz A. Góral

History
#163 Huge number of Apple Mac apps vulnerable to hijacking, and a fix is elusive
The vulnerability is the result of apps that use a vulnerable version of Sparkle along with an unencrypted HTTP channel to receive data from update servers. It's the result of functions built into the WebKit rendering engine that allows JavaScript execution. As a result, attackers with the ability to manipulate the traffic passing between the end user and the server—say, an adversary on the same Wi-Fi network—can inject malicious code into the communication. A security engineer who goes by the n
Read more
#165 Symantec: Cybercriminals target social networks to do their dirty work
#164 Windows 10 updates finally get some release notes
#163 Huge number of Apple Mac apps vulnerable to hijacking, and a fix is elusive
#162 Google AdWords display ads going all-HTML, will ban Flash in 2017
#161 NCR: Network cable card skimming attacks in the US
#159 Poseidon APT Group identified as first portuguese-speaking campaign
#158 Check your Google security and get 2 free GBs of Google Drive for free
#157 Java “RAT-as-a-Service” backdoor openly sold through website to scammers
#156 Hack on DoJ and DHS downplayed
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12