Apple last week patched a critical iOS memory corruption vulnerability that could allow attackers to execute code on compromised devices.
The flaw was found by Team Pangu, a Chinese hacker group that specializes in building iOS jailbreak tools. The vulnerability is fixed in iOS 9.3.4.
“An application may be able to execute arbitrary code with kernel privileges,” Apple said of the flaw in its advisory;CVE-2016-4654 was assigned to the vulnerability.
Apple thwarts jailbreakers with iOS 9.3.4 update
Lawrence Abrams (creator and owner of BleepingComputer.com) on August 5th:
Understanding the Windows Credential Leak Flaw and How to Prevent It
This week there has been a lot of news about a flaw in Windows that could be used by web sites to easily gain access to a visitor's Windows login name and password. When I tested this flaw it was downright scary. Using a test site for this flaw, the site was able to get my test Microsoft Account login name and the hash of its password in a few seconds. Then it took the site less than 30 seconds to crack the password! What is even scarier, is that this flaw is not new and was discovered in March 1997!
News about this flaw was recently reported again by VPN company Perfect Private and by ValdikSS, who is affiliated with the Russian VPN service ProtoVPN. They have both set up test sites that demonstrate this flaw so that visitors can determine if they are affected and should change their passwords.
Continued : http://www.bleepingcomputer.com/news/security/understanding-the-windows-credential-leak-flaw-and-how-to-prevent-it/