The most exciting new features support for OpenType variable fonts, the full statement of the Network Quality Estimator API, the capacity to capture and stream DOM elements, and HTTP warnings for the browser’s Natural and Incognito mode. While for most users this wouldn’t seem like a big opportunity, the most important new feature attached in […]

Organizations that have their PeopleSoft installations exposed to the internet should pay special attention to a remote code execution vulnerability patched on Tuesday as part of Oracle’s massive quarterly Critical Patch Update. The flaw, CVE-2017-10366, allows an attacker to gain remote code execution on a server running PeopleSoft software. The flaw is in the core engine,

A post-intrusion technique developed by researchers at CyberArk Labs called BoundHooking allows attackers to exploit a feature in all Intel chips introduced since Skylake. The attack technique allows for the execution of code from any process without detection by antivirus software or other security measures, researchers said. According to CyberArk, a BoundHooking attack exploits the

An espionage group is launching cyber attacks against organisations in the maritime and defence sectors in what’s highly likely to be an effort to steal confidential information and research data. Dubbed Leviathan, the group has been active since at least 2014 and takes particular interest in maritime industries, naval defence contractors and associated university research

On Windows 10 PCs, connecting to a network is normally as simple as plugging in a network cable or entering a passphrase at a Wi-Fi prompt. The networking tips in this category cover administrative tasks, such as weeding out saved Wi-Fi credentials and looking up your IP address, as well as occasional troubleshooting demands. Unfortunately,

Internet connected smartwatches for children have been found to contain security vulnerabilities which allow hackers access to track the wearer’s location, eavesdrop on conversations or even communicate with the child user. And with some of these devices, data is transmitted and stored without encryption, says an investigation by the Norwegian Consumer Council (NCC). Working alongside

Security experts are urging Lenovo customers to update their Android tablets and handsets to protect themselves against a handful of critical vulnerabilities impacting tens of millions of vulnerable Lenovo devices. On Oct. 5, Lenovo quietly rolled out four patches impacting all of its Android tablets, Vibe and Zuk phones, and the Moto M (XT1663) and

Security researchers found a sophisticated remote access trojan that has resurfaced after more than a decade since it was first released. The new malware, dubbed “Hacker’s Door” by researchers at Cylance, is operated by what’s thought to be a Chinese advanced persistent threat hacker group known as Winnti. The malware has many similarities to a remote

  Monday morning was not a great time to be an IT admin, with the public release of a bug that effectively broke WPA2 wireless security. As reported previously by ZDNet, the bug, dubbed “KRACK” — which stands for Key Reinstallation Attack — is at heart a fundamental flaw in the way Wi-Fi Protected Access II (WPA2)

The top 100,000 websites as ranked by Alexa were examined. Co-founder and CTO Andrey Meshkov gave his company’s verdicts on Thursday. We found 220 sites that start mining when a user starts their main page, with an aggregated audience of 500 million people. These users live all over the world; there are places with users from the USA,