Collaborate Disseminate
Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers. Continue reading Apple Fixes Flaw Impacting HomeKit Devices
Using a free tool called Spinner, researchers identified certificate pinning vulnerabilities in mobile banking apps that left customers vulnerable to man-in-the-middle attacks. Continue reading Banking Apps Found Vulnerable to MITM Attacks
Latest Vault7 release exposes network-spying operation CIA kept secret since 2007. Continue reading Advanced CIA firmware has been infecting Wi-Fi routers for years
More than 70 iOS apps are vulnerable to man-in-the-middle attacks where TLS connections can be intercepted and sensitive data stolen. Continue reading Popular iOS Apps Vulnerable to TLS Interception Attacks
The Firefox browser will now deny TLS connections to servers using weak Diffie-Hellman keys. Continue reading Mozilla Reduces Threat of Export-Grade Crypto to Firefox
Google last week announced changes in the way it will handle trusted Certificate Authorities in Nougat, the latest version of the Android operating system. Continue reading Google Updates CA Trust Mechanisms in Android Nougat
New study finds third-party updaters are riddled with critical vulnerabilities. Continue reading Out-of-the-box exploitation possible on PCs from top 5 OEMs