Repositories offer up vulnerable libraries says report
Developers will continue to use vulnerable versions of libraries downloaded from repositories long after the vulnerabilities have been exposed, but there's no easy solution to the problem
Hotel Keycard Lock Hack Gets Real In Texas
Sparrowvsrevolution writes "You may remember a vulnerability in four million keycard locks presented at the Black Hat conference in July. Hacker Cody Brocious showed he could insert a device he built for less than $50 into the port at the bottom of the common hotel lock, read a key out of its memory, and open it in seconds. Two months later, it turns out at least one burglar was already making use of that technique to rob a series of hotel rooms in Texas. The Hyatt House Galleria in Houston has revealed that in at least three September cases of theft from its rooms, the thief used that Onity vulnerability to effortlessly open rooms and steal valuables like laptops. Petra Risk Solutions, an insurance firm focus the hospitality industry also reports that at least two other hotels in Texas were hit with the attack. Onity has been criticized for its less-than-stellar response to a glaring vulnerability in its devices. The Hyatt says Onity didn't provide a fix until after its break-ins, forcing ...
Found more than 1 month ago on channel Slashdot
Days Before Closing Its $5M Series B, Mobile Security Startup Mobilisafe Acquired By Rapid7
Rapid7, a maker of vulnerability and penetration testing products, has acquired Seattle-based mobile security startup Mobilisafe. In November, Rapid7 raised an additional $50 million in Series C financing, and announced its intentions to expand its current product lineup via acquisitions. Mobilisafe, whose solution identifies vulnerabilities present on employees' mobile devices in realtime, was an obvious fit.
Microsoft to close critical IE hole with a temporary Fix-it
The company says that it plans to release a Fix-it tool to close the critical vulnerability in Internet Explorer in the next few days; this will be a temporary solution until a suitable update is made available
Microsoft and Germany's BSI warn against using IE
The extent of the critical vulnerability in Internet Explorer is greater than previously realised. Both Microsoft and Germany's BSI have now issued warnings, though their suggested solutions differ