Security Alerts & News
by Tymoteusz A. Góral

#909 Firefox 47 fixes 13 vulnerabilities, removes click-to-activate plugin whitelist
Mozilla fixed 13 security issues, including two critical vulnerabilities that could have led to spoofing and clickjacking, among other issues, when it updated Firefox to the latest build, Firefox 47, this week.

One of the issues, a buffer overflow, could have resulted in a potentially exploitable crash according to an advisory published by the company on Tuesday. According a security researcher that goes by the handle firehack, the overflow could have popped up when the browser parsed HTML5 fragments in a foreign context. When a fragment was inserted into an existing document, it could’ve crashed the browser.

The second critical issue corresponds to not one, but several memory safety bugs reported by 14 different Mozilla developers and community members. The details of the bugs weren’t revealed, but according to the advisory the likeliness that some could be exploited to run arbitrary code was high enough that it warranted fixing.
Read more
#914 DDoS attacks increase over 125 percent year over year
#913 Ransomware leaves server credentials in its code
#912 Qarallax RAT: Spying on US visa applicants
#911 Google to deprecate SSLv3, RC4 in Gmail IMAP/POP clients
#910 Many Lexus navigation systems bricked by over-the-air software update
#909 Firefox 47 fixes 13 vulnerabilities, removes click-to-activate plugin whitelist
#908 The new Apple App Store: subscription pricing, faster approvals, and search ads
#907 Unpatched DLink WiFi camera flaw remotely exploitable
#906 Symantec: Fake gaming torrents lead to potentially unwanted applications
#905 US warns banks of hacking threat to Swift system
#904 FireEye uncovers phishing campaigns targeting Apple users
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12