889 Results for

flawed

Article

Apple dumps SSL 3.0 for push notifications due to Poodle flaw

Apple will switch to the TLS encryption standard after disclosure of vulnerability that could expose encrypted data.

By October 22, 2014

Article

Google exposes 'Poodle' flaw in Web encryption standard

Three Google security engineers uncover a major vulnerability in the older -- but still supported -- Web encryption standard SSL 3.0. Experts say fixing it is impossible and upgrading will be difficult.

By October 14, 2014

Article

Microsoft's Patch Tuesday fixes trio of 'zero-day' flaws

Monthly security update addresses two dozen vulnerabilities, including one being exploited as part of the "Sandworm" cyberattack.

By October 14, 2014

Article

Russian hackers tap Windows flaw to hit NATO, Ukraine

Security firm iSight says the "Sandworm" team has targeted NATO, the European Union, Ukraine and industry through a previously unrecognized Windows zero-day exploit.

By October 14, 2014

Article

Zero-day flaw haunts IE 8 for 7 months and counting

An Internet Explorer 8 vulnerability goes unfixed by Microsoft for more than half a year, reports the Zero Day Initiative.

By May 21, 2014

Article

Serious security flaw in OAuth, OpenID discovered

Attackers can use the "Covert Redirect" vulnerability in both open-source log-in systems to steal your data and redirect you to unsafe sites.

By May 2, 2014

Article

After Heartbleed, NSA reveals some flaws are kept secret

The White House explains the government’s process when deciding whether to withhold knowledge of a security vulnerability -- “There are legitimate pros and cons to the decision to disclose.”

By April 28, 2014

Article

Flash update fixes bug unrelated to IE zero-day flaw

Adobe and Microsoft patch a critical zero-day security flaw in Adobe's Flash Player that is actively being used to target Windows users, but the bug is different from an unpatched hole in Internet Explorer.

By April 28, 2014

Article

Obama reportedly lets NSA keep some security flaws secret

While saying that most vulnerabilities should be revealed, the White House allows some flaws to be kept secret in the event of "a clear national security or law enforcement need," the New York Times reports.

By April 13, 2014

Article

Report says NSA exploited Heartbleed, kept flaw secret -- but agency denies it

A Bloomberg report says the agency knew about the Heartbleed security flaw that's sent sites like Google scrambling to patch their systems -- but it kept it secret and used it to spy. The agency, however, says that's not so.

By April 11, 2014