Security issues such as the Heartbleed bug and a number of huge data breaches were the main attractions of the second quarter of 2014. Targeted industries and security companies responded in varying fashion, all in the name of protecting end-users.
Evernote issues a patch for its Android app has been found to be vulnerable. In the course of our investigation, however, we found another vulnerability that Evernote has to look at.
Trend Micro researchers found two critical vulnerabilties in Alipay, an app payment system popular in China. When exploited, the vulnerabilities allow attackers to manipulate app displays or create phishing pages to get data.
Smart grids are power grids with digital capabilities. Given the widespread control smart grids hold over public utilities, attackers are likely to target them to gain power or extort money.
Smart meters are already installed in many cities across the globe. As more homes are installed with smart meters, homeowners should be aware of the possible risks they may bring.
Use-After-Free exploits are now unheard of. Thanks to “delay free,“ an improvement deployed by Microsoft on Internet Explorer 11. With this improvement, timing to occupy freed object space becomes difficult to find for an attacker.
There is no silver bullet that can handle all targeted attacks that prey on organizations with varying security demands. In this article, we discuss the use of heuristics and sandboxing as complementary technologies that can go a long way against attacks.