Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers.
Using a free tool called Spinner, researchers identified certificate pinning vulnerabilities in mobile banking apps that left customers vulnerable to man-in-the-middle attacks.
As part of its December Android and Pixel/Nexus security updates, Google has issued patches addressing a bevy of flaws, 11 of which are rated critical.
TeamViewer says it has issued a hotfix to address a bug that allows users sharing a desktop session to gain control of the other’s computer without permission.
A proof of concept attack developed by researchers target users of the development platforms for Android and Java.
Researchers have found a variant of Ursnif Trojan they said is a “v3 build” that targets Australian bank customers with new redirection attack techniques.
Google beefs up privacy protections on apps distributed via third-party Android marketplaces and Google Play that that collect personal data without user consent.
Researchers have found a flaw in the original fix for the Dirty COW vulnerability patched in October 2016.
Researchers say a new remote access Trojan dubbed UBoatRAT is targeting individuals or organizations linked to South Korea or video games industry.
A Cisco Systems security advisory is urges users of its WebEx platform to patch six vulnerabilities that could allow attackers to execute remote code.