Here’s an interesting tidbit from The Wall Street Journal:
ICQ was a pioneering, mid-1990s internet messaging service then used on bulky PCs on dial-up. It was a precursor to AOL Instant Messenger, and was last in vogue when the TV show “Friends” was in its prime and PalmPilots were cutting edge. It’s been modernized over the years, and now is an app…
Tag: security flaws
Report: PHP, C++, Java, and .NET Applications are the Most Frequently Flawed
Application-security company Veracode “has released the 11th volume of its annual State of Software Security report, and its findings reveal that flawed applications are the norm, open-source libraries are increasingly untrustworthy, and it’s taking a long time to patch problems,” reports TechRepublic. The top three security flaws — like last year — are still information leakage, cryptographic issues, and CRLF injection:…
Microsoft’s ‘Patch Tuesday’ Includes 129 Security Updates, Mostly to Windows
This week Krebs on Security reported that Microsoft “released updates to remedy nearly 130 security vulnerabilities in its Windows operating system and supported software.” None of the flaws are known to be currently under active exploitation, but 23 of them could be exploited by malware or malcontents to seize complete control of Windows computers with little or no help from users….
Microsoft Goes Big in Security Bug Bounties: Its $13.7m is Double Google’s 2019 Payouts
Microsoft has revealed it has awarded security researchers $13.7m for reporting bugs in Microsoft software since July last year. From a report: Microsoft’s bug bounties are one of the largest source of financial awards for researchers probing software for flaws and, importantly, reporting them to the relevant vendor rather than selling them to cybercriminals via underground markets or exploit brokers who…
Microsoft Released an Emergency Security Update to Fix Two Bugs in Windows Codecs
Tuesday Microsoft published two out-of-band security updates to patch two vulnerabilities in the Microsoft Windows Codecs Library, reports ZDNet:
Tracked as CVE-2020-1425 & CVE-2020-1457, the two bugs only impact Windows 10 and Windows Server 2019 distributions… Microsoft said the two security flaws can be exploited with the help of a specially crafted image file. If the malformed images are opened inside apps…
Some States Have Embraced Online Voting. It’s a Huge Risk.
An anonymous reader quotes a report from Politico: On Sunday, researchers at the Massachusetts Institute of Technology and the University of Michigan revealed numerous security flaws in the product that West Virginia and Delaware are using, saying it “represents a severe risk to election security and could allow attackers to alter election results without detection.” In fact, it may be a…
Adobe Issues Patches For 36 Vulnerabilities In DNG, Reader, Acrobat
An anonymous reader quotes a report from ZDNet: Adobe has released security patches to resolve 36 vulnerabilities present in DNG, Reader, and Acrobat software. On Tuesday, the software giant issued two security advisories (1, 2) detailing the bugs, the worst of which can be exploited by attackers to trigger remote code execution attacks and information leaks. The first set of patches…
The Jury Is Still Out On Zoom Trials
As cities across the United States continue shelter-in-place orders due to the COVID-19 pandemic, some in-person court proceedings are now taking place over Zoom. “It’s an unprecedented moment for the justice system, which is typically slow to adapt to new technology,” writes Zoe Schiffer from The Verge. “No one is sure if that’s a good thing.” From the report: Critics worry…
Zoom’s Security Woes Were No Secret to Business Partners Like Dropbox
Dropbox privately paid top hackers to find bugs in software by the videoconferencing company Zoom, then pressed it to fix them. From a report: One year ago, two Australian hackers found themselves on an eight-hour flight to Singapore to attend a live hacking competition sponsored by Dropbox. At 30,000 feet, with nothing but a slow internet connection, they decided to get…