Browsefox aka Sambreel aka Yontoo is a family of browser hijackers. When advertised they promise to “customize and enhance your interaction with the websites you visit”, but in reality they are almost never a users choice install. They come bundled with other software at many major download sites and at […]
Monthly archives: August 2015
10 posts
This is the second “critical” out-of-band patch issued in as many months. It’s all Internet Explorer’s fault — again. Microsoft has released an emergency out-of-band patch for a “critical”-rated security vulnerability, affecting all supported versions of Windows. The software giant said in an advisory Tuesday that users visiting a specially-crafted website […]
For 2 years VW tried to hide the exploits that made its cars hack-able . Now, many might be getting quite paranoid about the recent spate of stories revolving around wireless hacks, nifty devices like ‘Rolljam’ and inherent vulnerabilities in connected vehicles that leave them exposed to enterprising hackers. Well, […]
Lenovo has sold laptops bundled with irremovable software that features a bonus exploitable security vulnerability. If the crapware is deleted, or the hard drive wiped and Windows reinstalled from scratch, the laptop’s firmware will quietly and automatically reinstall Lenovo’s software on the next boot-up. Built into the firmware on the […]
Update flawed, new one needed for countless gadgets Google’s security update to fix the Stagefright vulnerability in millions of Android smartphones is buggy – and a new patch is needed. The Stagefright flaw is named after a component within the Android operating system that, among other things, processes incoming text […]
A team of European security researchers has published a paper analyzing how the battery life of mobile devices could be used to track web browsing habits of Firefox users on Linux, using the HTML5 Battery Status API (via The Guardian). The specific method they expose in their paper has been fixed by Firefox as of June […]
We’re still buzzing and recovering from the Black Hat and DEF CON conferences where we finished presenting our new Kali Linux Dojo, which was a blast. With the help of a few good people, the Dojo rooms were set up ready for the masses – where many generated their very […]
Same origin violation and local file stealing via PDF reader Security researcher Cody Crews reported on a way to violate the same origin policy and inject script into a non-privileged part of the built-in PDF Viewer. This would allow an attacker to read and steal sensitive local files on the […]
Six WordPress security bugs fixed in version 4.2.4 WordPress, the darling CMS of the open source community, has released moments ago version 4.2.4, which contains lots of security fixes addressing a wide range of issues. Ten bugs have been fixed with this release, six of them being security-related, and quite […]
BitDefender has compromised the details of around 250 users after a data breach revealed that it doesn’t encrypt details of certain customers. First reported by Forbes, the DetoxRansome group behind the hack showed that the usernames and passwords they pilfered were completely encrypted. The passwords would have been incredibly hard […]