Collaborate Disseminate
Google’s Project Zero has unveiled details of a bug in Apple’s iMessage that lets attackers read data from an iPhone without any user interaction. Continue reading iMessage bug could have allowed attackers to read data from any iPhone
The news of the week is discussed, including this week’s Microsoft Malware Protection Engine bug, Handbrake OS X malware, the HP keylogger, Trump’s Cybersecurity EO, and more.
Microsoft released an emergency update for a zero-day vulnerability disclosed by Google in the Microsoft Malware Protection Engine bundled with most versions of Windows. Continue reading Emergency Update Patches Zero Day in Microsoft Malware Protection Engine
Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich found a remotely exploitable Windows vulnerability that Ormandy called he worst in recent memory. Continue reading Wormable Windows Zero Day Reported to Microsoft
Two recently published proof-of-concept exploits targeted Microsoft Edge were recently integrated into the Sundown Exploit Kit. Continue reading Two New Edge Exploits Integrated into Sundown Exploit Kit
Google Project Zero announced a six-month Android bug bounty program that requires researchers to file bugs as they find them, rather than hoard the whole chain. Continue reading Google Project Zero Prize Pays $200,000 for Critical Vulnerability Chains
Google has announced that hacker-favorite Adobe Flash Player will no longer, as of Q4, be the default in Chrome. Instead, Chrome will default to HTML5. Continue reading Chrome Defaults to HTML5 over Adobe Flash Starting in Q4