The Mozilla Firefox 30 browser does not include major new features, yet it does provide users with security fixes and some incremental updates. Released on June 10, Firefox 30 improves on the Firefox 29 browser, which debuted April 29 with the biggest user interface update for the open-source browser in Continue Reading
The OpenSSL team released a security update that fixes 6 vulnerabilities, two of which could be considered critical. The first one is an SSL/TLS MITM vulnerability (CVE-2014-0224). “An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can Continue Reading
Apache recently patched Tomcat, fixing a trio of information disclosure bugs and a denial of service bug in the open source web server and servlet container. The denial of service bug, discovered in February by David Jorm of the Red Hat Security Response Team, could have allowed an attacker to Continue Reading
The Heartbleed attack that left encrypted data vulnerable to theft is still causing problems, according to a new report. Luis Grangeia, partner and security services manager at information security firm SysValue, claims to have found a new vector that leaves wireless routers and Android devices vulnerable to attack. Dubbed “Cupid”, Continue Reading
Microsoft has warned Windows XP users against using a hack that tricks the company’s servers into applying security patches to the now-unsupported operating system. The workaround first appeared on a forum website called Sebijk, which revealed how making a small change in XP’s registry will fool Microsoft’s upgrade servers into Continue Reading
By