A new security vulnerability in Skype has been discovered that allows a third-party script to reveal users’ remote and local IP addresses, according to GHacks. The script, which was uploaded to Github, allows users to lookup the IP addresses of any online Skype accounts. The code then initiates the contact addition process, but does not complete it. The log …
Lookout Mobile Security on Tuesday published a report stating that a known malicious Android program has been updated with the ability to harm a device without depending on a user’s interaction. The new version of the “Legacy Native” (LeNa) app utilizes an exploit called GingerBreak to gain root permission on Android phones. The new variant of LeNa …
On Wednesday, a Russian hacker discovered a vulnerability in Google’s Chrome web browser during CanSecWest’s Pwnium hacker contest. It was the first time in four years at the competition that Chrome was hacked, and for his efforts, Sergey Glazunov was rewarded with $60,000. Less than 24 hours after the exploit was brought to Google’s attention, the …
Russian university student Sergey Glazunov was able to hack into a secure Windows 7 machine using a remote code execution exploit in Google’s Chrome web browser in five minutes, ZDNet reported Wednesday. The exploit was found during CanSecWest’s Pwnium hacker contest, a competition similar to the popular Pwn2Own contest. Google offered a total of $1 …
Last week, two exploits concerning Google Wallet left users questioning the service’s security. One of the exploits allowed hackers to bypass PIN protection, but it was only present on rooted devices. A second exploit, however, did not require a handset to be rooted, leaving all Google Wallet users exposed. The company maintained that the service was secure …
Two recently uncovered security exploits concerning Google Wallet have left users questioning just how safe the product really is. A security firm exposed a vulnerability last week that allowed hackers to bypass PIN protection, but it was only present on rooted devices. A second exploit, however, did not require a handset to be rooted, leaving all …
A security expert at Italian security firm AIR Sicurezza Informatica claims to have found a security flaw in Google’s new social network that allows hackers to potentially use Google+ servers to execute DDoS attacks. Simone Quatrini explained the flaw on the IHTeam Security Blog, and he wrote a script that can perform the attack, repeatedly …
How’s this for an undocumented feature? Apple’s newer MacBook, MacBook Air and MacBook Pro notebooks have a security flaw that can allow hackers to remotely prevent the batteries from charging. Better yet, hackers can exploit the same flaw and remotely cause batteries to explode. Apple laptops’ new “smart” battery technology is intended to provide added …
The detectives over at Android Police have found an interesting weakness in Skype for Android. The site has discovered that the popular VoIP chat client stores contact details, conversation logs, and a host of other information in a series of unprotected squlite3 databases. “Skype mistakenly left these files with improper permissions, allowing anyone or any …
Adobe has identified a zero-day exploit in the latest version of Flash Player 10.2 for Windows, Mac, Linux and Android. Using the the security hole, an attacker can potentially run malicious code and even take control of an affected system. While the vulnerability and potential damage to a system are significant, common sense will help users …
