Have you heard? A tiny bug in Cloudfare's code has led an unknown quantity of data — including passwords, personal information, messages, cookies, and more — to leak all over the internet. If you haven't heard of the so-called Cloudbleed vulnerability, keep reading. This is a scary big deal.
Tagged With exploits
Trust the listings you find on Google Maps? You shouldn't, because it's easy to fake them. That's what Google Maps exploiter Bryan Seely demonstrated for me this morning. And while trolling politicians with dick jokes is never not funny, there's also a whole sub-community of scammers turning Google Map's little bugs into cold, hard cash.
You probably don't know Nir Goldshlager, but he sure could have known you until recently. That's because Nir discovered a major privacy flaw in Facebook's OAuth, the system developers use to access all sorts of information every time you hit that little "allow" button. Nir gained access to virtually anyone's entire Facebook account.
Apple has been keeping busy rolling out small patches for iOS 6. The latest, iOS 6.1.3 beta 2 just hit developers. Importantly, 9To5Mac reports that the update fixes the gaping lock screen bug that allows access even with out a passcode.
There's a crazy exploit sneaking around that could brick your Samsung phone and break into your physical memory to steal your data. But don't freak out — Samsung says it's aware of the problem and is working quickly on software fixes.
Got a Samsung Galaxy SIII? Maybe a Galaxy Note II? Well listen up because there's a new boogeyman on the loose. According to a thread at XDA Developers, there's an exploit out there that can let Android malware apps get at all your physical memory, for the purposes of stealing your data or deleting it or whathaveyou.
You had better hope the gent who discovered this WinPho security exploit is the only one who knows how to do it: this video shows just how easy it is to permanently ruin a WP7 handset.
A Stanford computer science student named Feross Aboukhadijeh has uncovered a pretty major security hole in Adobe Flash, in which somebody could turn on your Mac's webcam and mic and save that video for whatever nefarious purposes. Oh good.
Square's credit card reader for iOS/Android devices is pretty awesome - it lets anybody quickly and easily start taking credit payments. But according to Douglass Bergeron, the CEO of competing company Verifone, the device itself isn't hardware-encrypted, meaning anyone could write an app that strips unprotected info from your card.
A 17-year old Australian is taking responsibility for unwittingly causing yesterday's Twitter bug. While the teen didn't directly bring the flood of spam and porn retweets, he burst open the dam. I guess that passes for precociousness these days?
Twitter was going nuts this morning with a fresh exploit that had people inadvertently retweeting spam links left and right, but thankfully, Twitter was quick to patch things up. And, as it happens, their fix didn't just fix things, it improved them: the patch brought Reply to All and Auto-Complete features to the recently revamped Twitter.com. I'll take it!