Security firm Trustlook has found at least 25,936 malicious apps using one of Facebook’s APIs, such as a login API or messaging API. Such malicious apps could then use and abuse a range of Facebook login profiles, such as name, location and email address, according to recent blog post.
Thousands of malicious apps use Facebook APIs Read More »
Microsoft has released two additional Windows security updates that address the Spectre side-channel vulnerabilities that were revealed in January of 2018.
Microsoft patches more Spectre vulnerabilities Read More »
Drupal issued a security advisory (SA-CORE-2018-004) on Wednesday to address a Highly Critical Remote Code Execution vulnerability (CVE-2018-7602). It is important to note this vulnerability is being exploited in the wild. An excerpt from the advisory:  “A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors
Drupal security update Read More »
A new vulnerability dubbed “Total Meltdown” was discovered last month after Microsoft issued patches to fix the previous Meltdown vulnerabilities.
Total Meltdown vulnerability exploit source code now on GitHub Read More »
A leaky Mongo database exposed nearly 25,000 personal records from a Bezop cryptocurrency server. Bezop is one of over 1,000 cryptocurrencies.
Leaky Mongo server exposes thousands of personal data records Read More »
An advanced persistent threat (APT) hacking group has been exploiting an unpatched Internet Explorer (IE) vulnerability to infect Windows PCs with malware.
APT group is exploiting unpatched IE vulnerability Read More »
In an effort to protect patient safety and promote public health, the US Food and Drug Administration (FDA) released a new Medical Device Safety Action Plan.
Medical devices get a new safety action plan Read More »
Security researchers from Symantec have disclosed a new iOS vulnerability dubbed ‘Trustjacking’ that allows an attacker to exploit an iTunes Wi-Fi Sync feature and take control of a victim’s device.
“Trustjacking” iOS vulnerability Read More »
Beware of a painting application called ‘Relieve Stress Paint’ that hackers are using to download malware dubbed “Stresspaint” and steal Facebook user credentials/cookies.
Stresspaint malware targets Facebook credentials Read More »
Cisco has released security updates for a number of Cisco products to include WebEx, Unified Computing System (UCS) Director, StarOS, IOS XR Software, Firepower and a number of other products.
Cisco WebEx and UCS security updates Read More »
