Amazon fixes security flaws allowing smart home hijacks

Some smart home device owners may have dodged a bullet. Amazon recently patched 13 security flaws in an operating system for the Internet of Things, FreeRTOS, as well as Amazon Web Services connection modules. The holes let intruders crash devices,...

MIT finds a smarter way to fight Spectre-style CPU attacks

Many companies have developed patches to mitigate Meltdown- and Spectre-like speculative memory attacks. However, they can come with compromises: they can leave major gaps and still slow down your system. MIT researchers may have a better way. They'v...

WhatsApp fixes video call exploit that allowed account hijacks

WhatsApp owners may have just dodged a bullet. The messaging service has fixed a security flaw that let intruders hijack the app (and thus your account) when you answered an incoming video call in Android or iOS. If an attacker sent a malformed Real-...

App flaw let anyone access UK Conservative politicians’ data

The UK Conservative party is learning a hard lesson about the importance of basic security measures in mobile apps. Users have discovered that you could log into the party's conference app using only an attendee's email address, providing access to a...

Voting machines are still plagued with vulnerabilities as midterms loom

The Def Con Voting Village, which for two years in a row has let conference attendees try their hand at breaching voting machines, has released the report on this year's event. More than 30 voting machines and other pieces of election equipment were...

Initial ‘Fortnite’ Android installer let hackers install malware

When Epic said it would skip the Google Play Store with Fortnite's Android release, it raised eyebrows among security experts. Wasn't it creating risks by encouraging gamers (some of whom didn't understand the potential dangers) to install non-Store...

Intel discloses another set of processor vulnerabilities

Intel disclosed another set of processor flaws today that could let attackers steal information stored on computers or third party clouds. Discovered by a number of researchers and reported to Intel in January, the vulnerability includes three variet...