Google is only expected to push the mobile web further now that there are 2 billion active Chrome installs. At the Chrome Dev Summit, Google’s vice president of Chrome engineering and the conference’s opening speaker said, “We have over 2…
OAuth 2.0 Hack Exposes 1 Billion Mobile Apps to Account Hijacking
Mobile app developers need to be aware of improper OAuth 2.0 implementations that have put one billion mobile apps at risk to takeover.
Yahoo Tells SEC It Knew About Data Breach in 2014
Yahoo’s latest SEC filing includes confirmation that it knew attackers were on its network in 2014 and stole information on 500 million accounts.
Siemens Discloses Local Privilege Escalation Bug in SCADA Gear
Siemens is warning customers of a local privilege escalation vulnerability that leaves over a dozen models of its SCADA equipment open to attack.
Signal Audit Reveals Protocol Cryptographically Sound
Academics audited the popular end-to-end encryption app Signal and their findings are encouraging.
Facebook suspends plans to collect WhatsApp user data in the UK
Consumer rights ‘aren’t properly protected’, says the ICO as it says users should be given ‘ongoing control’ over their data
WoT pulls browser extension after privacy failure
WoT has left its users exposed on the web by not properly anonymizing the user data it has been selling to third parties.
Tech support scammers bite Chrome users with forgotten 2014 bug
Vulnerability found two years ago remains unpatched by Google
November Patch Tuesday fixes controversial Windows 0-day hole
This month: 14 bulletins, seven remote code execution holes closed, and one controversial ‘promote yourself to administrator’ zero-day bug fixed.
Google hits incorrigible sites with “Repeat Offender” tag
Google is toughening its Safe Browsing policies for sites that won’t clean up their act