Tag: vulnerability

Air Force security hackathon leads to record payout

The US Air Force’s second security hackathon has paid dividends… both for the military and the people finding holes in its defenses. HackerOne has revealed the results of the Hack the Air Force 2.0 challenge from the end of 2017, and it led……


Intel currently facing 32 class-action lawsuits for Spectre and Meltdown

Yesterday, Intel expanded its bug bounty program to catch more issues like the extensive Meltdown and Spectre CPU flaws, but that was too little, too late for some chip owners. We knew three class-action lawsuits were filed in early January da……


Intel expands bug bounty to catch more Spectre-like security flaws

To say Intel was caught flat-footed by the Meltdown and Spectre flaws would be an understatement. However, it has a potential solution: enlist more people for help. It’s widening its bug bounty program to both include more researchers and of……


Attackers used Telegram to deliver cryptocurrency-mining malware

Kaspersky Lab says it spotted evidence of a vulnerability in the desktop version of Telegram that allowed attackers to install cryptocurrency mining malware on users’ computers. The zero-day exploit was used to trick Telegram users into downlo……


Grammarly patches bug that could expose everything you write

Grammarly, a copyediting extension for Chrome and Firefox that points out typos and grammatical mistakes, had a major bug that allowed any website you visit to log into your account and read everything you ever wrote. It made all your document……


Lenovo’s fingerprint manager left passwords vulnerable

A slew of Lenovo devices have left users’ systems vulnerable to a breach. Fingerprint Manager Pro software installed on any of some three dozen ThinkPad, ThinkCentre or ThinkStation devices apparently features weak encryption that allows someo……


Intel told Chinese firms of Meltdown flaws before the US government

Intel may have been working with many tech industry players to address the Meltdown and Spectre flaws, but who it contacted and when might have been problematic. Wall Street Journal sources have claimed that Intel initially told a handful of ……


Apple releases Meltdown patches for older versions of macOS

Today, Apple released updates that will protect some older operating systems against the Meltdown vulnerability. Patches for High Sierra were released earlier this month and now Sierra and El Capitan will be protected as well.
The Meltd……


Blizzard games were vulnerable to a remote hijacking exploit

Fans of Blizzard games might have dodged a bullet. Google security researcher Tavis Ormandy has revealed that virtually all the developer’s titles (including Overwatch and World of Warcraft) were vulnerable to a DNS rebinding flaw that let si……


Uber security flaw compromised two-factor authentication

Two-factor authentication only works if it’s strictly enforced in software, and it sounds like Uber might have fallen short of that goal for a while. In a chat with ZDNet, security researcher Karan Saini has revealed a flaw in Uber’s two-facto……