Security News > 2015 > July

Pinterest recently fixed an issue in the API of its web app that could have allowed remote attackers to compromise emails and carry out session hijacking and phishing attacks.

Researchers identified a cross-site scripting vulnerability in a page on the LifeLock website that could allow an attacker to create an authentic-looking login page for the service and harvest...

Researchers at Cisco Talos released details on a use-after-free vulnerability in Apple QuickTime that could lead to remote code execution.

A class-action lawsuit filed by a government employees’ union against the Office of Personnel Management as a result of the massive data breach at OPM that affects more than 18 million people...

G DATA security experts discovered 440,267 new Android malware strains in the first quarter of 2015, which means that a new mobile malware strain for Android was discovered every 18 seconds. "New...

Security researchers Linus Särud and Matthew Bryant hav recently discovered some pretty big holes in NoScript, a popular Firefox plugin that prevents executable web content such as JavaScript, Java, F...

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 46 has been released today. Table of contents:The Art of War applied...

I don't have much to say about the recent hack of the US Office of Personnel Management, which has been attributed to China (and seems to be getting worse all the time). We know that government...

Apple has released security updates for Safari, OS X Yosemite (and previous OS X versions), and iOS. The OS X update contains fixes for 77 vulnerabilities, many of which can be exploited by attacke...

The main appeal of open source software is in the fact that its source code can be reviewed by anyone and, theoretically, stealthy backdoors and unintentional errors should be spotted and removed quic...