5 matches found
Breaking Signal: A Six-Month Journey
UPDATE MIAMI–Markus Vervier and Jean-Philippe Aumasson have spent the past six months poking security holes in the end-to-end encryption protocol Signal, all on their free time. And they have been successful in privately disclosing what they consider more than a half-dozen flaws to Signal, most o...
LastPass Patches Ormandy Remote Compromise Flaw
LastPass has patched a vulnerability in its Firefox add-on found by Google Project Zero researcher Tavis Ormandy that allows attackers complete remote compromise of the password manager, . The divisive Ormandy submitted a bug report on Tuesday to LastPass after a series of tweets hinting at serio...
Four Oracle Demantra Security Vulnerabilities Found
Oracle’s Demantra, part of the company’s Value Chain Planning suite of software, is fraught with vulnerabilities according to several bug disclosures issued over the weekend. Researchers at the London-based computer security firm Portcullis claim the application is plagued by a four vulnerabiliti...
Security Threats Increasing in Sophistication and Precision
IBM’s X-Force 2010 Trend and Risk report showed that as vulnerability disclosures hit their highest level ever in 2010, security threats continued to increase in sophistication and precision. Like the term or not, 2010 may well have been the year of the APT, the term has become familiar to nearly...
Group to Publish 'Month of Vulns' Starting Sept. 1
Starting tomorrow, a little-known group of security researchers will kick off a month of bug disclosures that target unpatched vulnerabilities in software from Adobe, Microsoft, Mozilla, Apple and others. Read the full article. Computerworld...