Apple isn’t the only one offering up a $200,000 reward for severe vulnerabilities on mobile devices. Google followed suit yesterday with the announcement of the Project Zero Prize, and like the Apple Security Bounty, the top payout is $200,000. Announced by Google’s Project Zero research team, the contest began yesterday and is scheduled to run...

Microsoft patched 47 vulnerabilities as part of 14 security bulletins, seven critical, with its monthly Patch Tuesday updates today. The company is warning users that if left unpatched, 10 of the issues can lead to remote execution. The updates resolve issues in Microsoft Windows, Office, Office Service and Web Apps, Exchange, its Internet Explorer and...

Apple has finally moved its iOS security update mechanism to HTTPS with today’s release of iOS 10. Previously, updates were sent to devices over HTTP and attackers already present on a network could potentially intercept and manipulate updates. “An issue existed in iOS updates, which did not properly secure user communications. This issue was addressed...

After a month free of Flash Player fixes and emergency patches, Adobe today resumed its monthly ritual of releasing a security update for the maligned software. Today’s update patched 29 issues, most of which enabled remote code execution attacks on the host system. Adobe also updated its Air SDK and Compiler, and Adobe Digital Editions....

The Tor Project on Monday made a public plea for others to speak out against the proposed amendments to Rule 41 of the Federal Rules of Criminal Procedure, which are taking effect Dec. 1 barring a Congressional injunction. The amendments would expand the Department of Justice’s ability to hack computers and conduct surveillance through the...

Civil liberty advocates say a Texas judge got it right when he ruled on a controversial child porn case regarding the FBI’s use of malware to search a computer. Senior U.S. District Judge David Alan Ezra of the San Antonio division of the Western District of Texas court ruled that sending malware to someone’s computer...

When it comes to detecting OS X malware, the future may not be rooted in machine learning algorithms, but patterns and heatmap visualization, a researcher posits. In an academic paper published by Virus Bulletin on Monday, Vincent Van Mieghem, a former student at the Delft University of Technology in the Netherlands, describes how a recurring pattern...

With Microsoft’s Patch Tuesday release tomorrow, the countdown begins for application developers to button down code ahead of Microsoft’s new servicing model starting in October that could present vulnerability issues for some businesses. “Tomorrow it’s going to be business as usual, but it will also raise anxiety as we get closer to October,” said Chris...

The U.S. government has entered into the St. Jude-MedSec-Muddy Waters fray with an investigation into claims St. Jude medical devices are vulnerable to cyberattacks. The Food and Drug Administration and Department of Homeland Security also apparently disapprove of the approach taken by MedSec and Muddy Waters to short St. Jude stock rather than privately disclose...

A researcher has published details and a limited proof-of-concept exploit for a critical vulnerability in MySQL that has been patched by some vendors, but not yet by Oracle. The vulnerability allows an attacker to remotely or locally exploit a vulnerable MySQL database and execute arbitrary code, researcher Dawid Golunski of Legal Hackers wrote today in...