Tag: patching

Program code on a monitor

Code Tutorials Spread Application Flaws Far and Wide

In-brief: Researchers at universities in Germany, working with the security firm Trend Micro, discovered more than 100 vulnerabilities in GitHub code repositories simply by looking for re-used code from tutorials and other free code samples. The same method could be harnessed by cyber criminals or other sophisticated attackers to find and exploit vulnerabilities in software applications, the researchers warned.

A report from the firm FireEye warns that industrial firms still have work to do securing their environments from cyber attacks.

Seven Years After Stuxnet, Industrial Firms Still Lag on Security

In-brief: Seven years after the Stuxnet worm proved that attacks on industrial environments was possible, many industrial and manufacturing firms still lack basic elements of an effective information security strategy, a new report finds. 

A flaw in Broadcom WiFi system on chip (SOC) components affects many different types of phones.

WiFi Chip Flaw in iPhone is Really Bad News for IoT

In-brief: a remotely exploitable flaw in a common hardware component used in phones by Apple, Samsung and others underscores the risk posed by software embedded in system on chip components that are found in almost every connected device, experts warn. 

A researcher demonstrated a method for hacking smart television using an attack hidden in a broadcast signal. (Image courtesy of The New York Public Library.)

Researcher Says 9 in 10 Smart TVs Vulnerable to Broadcast-based Attacks

In-brief: a security researcher demonstrated a broadcast-based attacks on smart televisions, almost three years after a similar demonstration by researchers at Columbia. More than 90 percent of smart TVs may be vulnerable – but carrying out an attack may be challenging. 

The Eview 07 GPS tracker is used to protect activists in Columbia. An investigation found that it could also be used to spy on them, or reveal their whereabouts. (Image courtesy of Eview.)

GPS Tracker Used as Anti-Kidnapping Device Leaks Users Location, Info

In-brief: research into GPS tracking devices used by the government of Columbia to help protect journalists and activists reveal a raft of serious security and privacy holes:  more evidence of endemic insecurity in the connected device space.