Security Alerts & News
by Tymoteusz A. Góral

History
#613 Rogue source code repos can compromise Mac security due to old Git version.
Rachel Kroll has discovered that El Capitan comes bundled with an older version of Git that's exposing users to two possible attacks, due to the CVE-2016-2324 and CVE-2016-2315 vulnerabilities present in all Git versions 2.7.3 and prior. El Capitan comes bundled by default with Git 2.6.4.

The two vulnerabilities, both heap-based buffer overflows, allow attackers to execute malicious code on the machine. The only condition for an attack to take place is that a Mac user forks a Git repo that contains malicious code.

The attacker can use the malicious code hidden in the repo to launch an attack on the Mac, compromise the system, and take control of the user's device.
Read more
#619 New system to identify people by their 'brainprints'
#618 Android Security Report: 29 percent of active devices not up to patch vevels
#617 Chrome extensions will soon have to tell you what data they collect
#616 Changing your password regularly is a terrible idea, and here's why
#615 MIT reveals AI platform which detects 85 percent of cyberattacks
#614 US-CERT to Windows users: Dump Apple Quicktime
#613 Rogue source code repos can compromise Mac security due to old Git version.
#612 Google Alerts, direct webmaster communication get bugs fixed quickly
#611 How hackers eavesdropped on a US Congressman using only his phone number
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12